libssh.c 87 KB

  1. /***************************************************************************
  2. * _ _ ____ _
  3. * Project ___| | | | _ \| |
  4. * / __| | | | |_) | |
  5. * | (__| |_| | _ <| |___
  6. * \___|\___/|_| \_\_____|
  7. *
  8. * Copyright (C) 2017 - 2022 Red Hat, Inc.
  9. *
  10. * Authors: Nikos Mavrogiannopoulos, Tomas Mraz, Stanislav Zidek,
  11. * Robert Kolcun, Andreas Schneider
  12. *
  13. * This software is licensed as described in the file COPYING, which
  14. * you should have received as part of this distribution. The terms
  15. * are also available at https://curl.se/docs/copyright.html.
  16. *
  17. * You may opt to use, copy, modify, merge, publish, distribute and/or sell
  18. * copies of the Software, and permit persons to whom the Software is
  19. * furnished to do so, under the terms of the COPYING file.
  20. *
  21. * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
  22. * KIND, either express or implied.
  23. *
  24. * SPDX-License-Identifier: curl
  25. *
  26. ***************************************************************************/
  27. #include "curl_setup.h"
  28. #ifdef USE_LIBSSH
  29. #include <limits.h>
  30. #include <libssh/libssh.h>
  31. #include <libssh/sftp.h>
  32. #ifdef HAVE_NETINET_IN_H
  33. #include <netinet/in.h>
  34. #endif
  35. #ifdef HAVE_ARPA_INET_H
  36. #include <arpa/inet.h>
  37. #endif
  38. #ifdef HAVE_UTSNAME_H
  39. #include <sys/utsname.h>
  40. #endif
  41. #ifdef HAVE_NETDB_H
  42. #include <netdb.h>
  43. #endif
  44. #ifdef __VMS
  45. #include <in.h>
  46. #include <inet.h>
  47. #endif
  48. #if (defined(NETWARE) && defined(__NOVELL_LIBC__))
  49. #undef in_addr_t
  50. #define in_addr_t unsigned long
  51. #endif
  52. #include <curl/curl.h>
  53. #include "urldata.h"
  54. #include "sendf.h"
  55. #include "hostip.h"
  56. #include "progress.h"
  57. #include "transfer.h"
  58. #include "escape.h"
  59. #include "http.h" /* for HTTP proxy tunnel stuff */
  60. #include "ssh.h"
  61. #include "url.h"
  62. #include "speedcheck.h"
  63. #include "getinfo.h"
  64. #include "strdup.h"
  65. #include "strcase.h"
  66. #include "vtls/vtls.h"
  67. #include "connect.h"
  68. #include "inet_ntop.h"
  69. #include "parsedate.h" /* for the week day and month names */
  70. #include "sockaddr.h" /* required for Curl_sockaddr_storage */
  71. #include "strtoofft.h"
  72. #include "multiif.h"
  73. #include "select.h"
  74. #include "warnless.h"
  75. #include "curl_path.h"
  76. #ifdef HAVE_SYS_STAT_H
  77. #include <sys/stat.h>
  78. #endif
  79. #ifdef HAVE_UNISTD_H
  80. #include <unistd.h>
  81. #endif
  82. #ifdef HAVE_FCNTL_H
  83. #include <fcntl.h>
  84. #endif
  85. /* The last 3 #include files should be in this order */
  86. #include "curl_printf.h"
  87. #include "curl_memory.h"
  88. #include "memdebug.h"
  /* in 0.10.0 or later, ignore deprecated warnings */
  /* NOTE(review): '&&' binds tighter than '||', so the condition below reads
     as (defined(__GNUC__) && MINOR >= 10) || (MAJOR > 0). The __GNUC__ test
     does not guard the MAJOR > 0 arm; confirm whether the GCC pragma is meant
     to be limited to GNU-compatible compilers in both cases. */
  #if defined(__GNUC__) && \
    (LIBSSH_VERSION_MINOR >= 10) || \
    (LIBSSH_VERSION_MAJOR > 0)
  #pragma GCC diagnostic ignored "-Wdeprecated-declarations"
  #endif

  /* A recent macro provided by libssh. Or make our own. */
  /* The fallback releases x with ssh_string_free_char() when x is non-NULL and
     then resets x to NULL, so a second use on the same variable is a no-op.
     x is expanded more than once: pass a plain lvalue without side effects. */
  #ifndef SSH_STRING_FREE_CHAR
  #define SSH_STRING_FREE_CHAR(x) \
    do { \
      if(x) { \
        ssh_string_free_char(x); \
        x = NULL; \
      } \
    } while(0)
  #endif

  /* These stat values may not be the same as the user's S_IFMT / S_IFLNK */
  /* Both are octal constants and are only defined here when no earlier header
     already provides them. */
  #ifndef SSH_S_IFMT
  #define SSH_S_IFMT 00170000
  #endif
  #ifndef SSH_S_IFLNK
  #define SSH_S_IFLNK 0120000
  #endif
  /* Local functions: */
  /*
   * Forward declarations. Most of these are the callbacks that the
   * Curl_handler_scp and Curl_handler_sftp tables in this file point at, so
   * they have to be declared before the tables are defined.
   */

  /* shared by both handlers: connect_it, connecting and do_it slots */
  static CURLcode myssh_connect(struct Curl_easy *data, bool *done);
  static CURLcode myssh_multi_statemach(struct Curl_easy *data,
                                        bool *done);
  static CURLcode myssh_do_it(struct Curl_easy *data, bool *done);

  /* SCP-only callbacks: done, doing and disconnect slots */
  static CURLcode scp_done(struct Curl_easy *data,
                           CURLcode, bool premature);
  static CURLcode scp_doing(struct Curl_easy *data, bool *dophase_done);
  static CURLcode scp_disconnect(struct Curl_easy *data,
                                 struct connectdata *conn,
                                 bool dead_connection);

  /* SFTP-only callbacks: done, doing and disconnect slots */
  static CURLcode sftp_done(struct Curl_easy *data,
                            CURLcode, bool premature);
  static CURLcode sftp_doing(struct Curl_easy *data,
                             bool *dophase_done);
  static CURLcode sftp_disconnect(struct Curl_easy *data,
                                  struct connectdata *conn,
                                  bool dead);

  /* SFTP helpers that are not entries in the handler tables */
  static
  CURLcode sftp_perform(struct Curl_easy *data,
                        bool *connected,
                        bool *dophase_done);
  static void sftp_quote(struct Curl_easy *data);
  static void sftp_quote_stat(struct Curl_easy *data);

  /* shared by both handlers: the *_getsock slots and setup_connection */
  static int myssh_getsock(struct Curl_easy *data,
                           struct connectdata *conn, curl_socket_t *sock);
  static CURLcode myssh_setup_connection(struct Curl_easy *data,
                                         struct connectdata *conn);
  /*
   * SCP protocol handler.
   *
   * Positional initializer: the comment after each entry names the slot it
   * fills, and ZERO_NULL marks a slot this handler leaves unset. Connection
   * setup, connect, the connecting state machine and all getsock slots use the
   * shared myssh_* functions; only done, doing and disconnect are
   * SCP-specific.
   */
  const struct Curl_handler Curl_handler_scp = {
    "SCP",                        /* scheme */
    myssh_setup_connection,       /* setup_connection */
    myssh_do_it,                  /* do_it */
    scp_done,                     /* done */
    ZERO_NULL,                    /* do_more */
    myssh_connect,                /* connect_it */
    myssh_multi_statemach,        /* connecting */
    scp_doing,                    /* doing */
    myssh_getsock,                /* proto_getsock */
    myssh_getsock,                /* doing_getsock */
    ZERO_NULL,                    /* domore_getsock */
    myssh_getsock,                /* perform_getsock */
    scp_disconnect,               /* disconnect */
    ZERO_NULL,                    /* readwrite */
    ZERO_NULL,                    /* connection_check */
    ZERO_NULL,                    /* attach connection */
    PORT_SSH,                     /* defport */
    CURLPROTO_SCP,                /* protocol */
    CURLPROTO_SCP,                /* family */
    PROTOPT_DIRLOCK | PROTOPT_CLOSEACTION | PROTOPT_NOURLQUERY    /* flags */
  };
  /*
   * SFTP protocol handler.
   *
   * Positional initializer: the comment after each entry names the slot it
   * fills, and ZERO_NULL marks a slot this handler leaves unset. Connection
   * setup, connect, the connecting state machine and all getsock slots use the
   * shared myssh_* functions; only done, doing and disconnect are
   * SFTP-specific. Port and flags are the same as for the SCP handler.
   */
  const struct Curl_handler Curl_handler_sftp = {
    "SFTP",                               /* scheme */
    myssh_setup_connection,               /* setup_connection */
    myssh_do_it,                          /* do_it */
    sftp_done,                            /* done */
    ZERO_NULL,                            /* do_more */
    myssh_connect,                        /* connect_it */
    myssh_multi_statemach,                /* connecting */
    sftp_doing,                           /* doing */
    myssh_getsock,                        /* proto_getsock */
    myssh_getsock,                        /* doing_getsock */
    ZERO_NULL,                            /* domore_getsock */
    myssh_getsock,                        /* perform_getsock */
    sftp_disconnect,                      /* disconnect */
    ZERO_NULL,                            /* readwrite */
    ZERO_NULL,                            /* connection_check */
    ZERO_NULL,                            /* attach connection */
    PORT_SSH,                             /* defport */
    CURLPROTO_SFTP,                       /* protocol */
    CURLPROTO_SFTP,                       /* family */
    PROTOPT_DIRLOCK | PROTOPT_CLOSEACTION
    | PROTOPT_NOURLQUERY                  /* flags */
  };
  /*
   * Translate an SFTP status code (SSH_FX_*) into the CURLcode reported to the
   * application. Any status without a dedicated mapping becomes CURLE_SSH.
   */
  static CURLcode sftp_error_to_CURLE(int err)
  {
    if(err == SSH_FX_OK)
      return CURLE_OK;

    /* the remote path does not exist */
    if(err == SSH_FX_NO_SUCH_FILE || err == SSH_FX_NO_SUCH_PATH)
      return CURLE_REMOTE_FILE_NOT_FOUND;

    /* the server refused the operation */
    if(err == SSH_FX_PERMISSION_DENIED || err == SSH_FX_WRITE_PROTECT)
      return CURLE_REMOTE_ACCESS_DENIED;

    if(err == SSH_FX_FILE_ALREADY_EXISTS)
      return CURLE_REMOTE_FILE_EXISTS;

    /* everything else is a generic SSH failure */
    return CURLE_SSH;
  }
  /*
   * state() is the call-site spelling of mystate(). Debug builds also pass the
   * caller's line number so that each transition can be traced in the log.
   */
  #ifdef DEBUGBUILD
  #define state(x,y) mystate(x,y, __LINE__)
  #else
  #define state(x,y) mystate(x,y)
  #endif

  /*
   * SSH State machine related code
   */

  /*
   * mystate() stores 'nowstate' as the connection's current SSH state. All
   * state changes are expected to go through here (via the state() macro).
   *
   * In debug builds with verbose strings enabled, a real transition (new state
   * differs from the old one) is logged together with the calling line.
   */
  static void mystate(struct Curl_easy *data, sshstate nowstate
  #ifdef DEBUGBUILD
                      , int lineno
  #endif
    )
  {
    struct ssh_conn *sshc = &data->conn->proto.sshc;

  #if defined(DEBUGBUILD) && !defined(CURL_DISABLE_VERBOSE_STRINGS)
    /* Printable names, looked up by state value.
       NOTE(review): the table is indexed with the raw state values and no
       range check; it presumably mirrors the order of the sshstate enum,
       which is not visible here. This path only exists in debug builds. */
    static const char *const names[] = {
      "SSH_STOP",
      "SSH_INIT",
      "SSH_S_STARTUP",
      "SSH_HOSTKEY",
      "SSH_AUTHLIST",
      "SSH_AUTH_PKEY_INIT",
      "SSH_AUTH_PKEY",
      "SSH_AUTH_PASS_INIT",
      "SSH_AUTH_PASS",
      "SSH_AUTH_AGENT_INIT",
      "SSH_AUTH_AGENT_LIST",
      "SSH_AUTH_AGENT",
      "SSH_AUTH_HOST_INIT",
      "SSH_AUTH_HOST",
      "SSH_AUTH_KEY_INIT",
      "SSH_AUTH_KEY",
      "SSH_AUTH_GSSAPI",
      "SSH_AUTH_DONE",
      "SSH_SFTP_INIT",
      "SSH_SFTP_REALPATH",
      "SSH_SFTP_QUOTE_INIT",
      "SSH_SFTP_POSTQUOTE_INIT",
      "SSH_SFTP_QUOTE",
      "SSH_SFTP_NEXT_QUOTE",
      "SSH_SFTP_QUOTE_STAT",
      "SSH_SFTP_QUOTE_SETSTAT",
      "SSH_SFTP_QUOTE_SYMLINK",
      "SSH_SFTP_QUOTE_MKDIR",
      "SSH_SFTP_QUOTE_RENAME",
      "SSH_SFTP_QUOTE_RMDIR",
      "SSH_SFTP_QUOTE_UNLINK",
      "SSH_SFTP_QUOTE_STATVFS",
      "SSH_SFTP_GETINFO",
      "SSH_SFTP_FILETIME",
      "SSH_SFTP_TRANS_INIT",
      "SSH_SFTP_UPLOAD_INIT",
      "SSH_SFTP_CREATE_DIRS_INIT",
      "SSH_SFTP_CREATE_DIRS",
      "SSH_SFTP_CREATE_DIRS_MKDIR",
      "SSH_SFTP_READDIR_INIT",
      "SSH_SFTP_READDIR",
      "SSH_SFTP_READDIR_LINK",
      "SSH_SFTP_READDIR_BOTTOM",
      "SSH_SFTP_READDIR_DONE",
      "SSH_SFTP_DOWNLOAD_INIT",
      "SSH_SFTP_DOWNLOAD_STAT",
      "SSH_SFTP_CLOSE",
      "SSH_SFTP_SHUTDOWN",
      "SSH_SCP_TRANS_INIT",
      "SSH_SCP_UPLOAD_INIT",
      "SSH_SCP_DOWNLOAD_INIT",
      "SSH_SCP_DOWNLOAD",
      "SSH_SCP_DONE",
      "SSH_SCP_SEND_EOF",
      "SSH_SCP_WAIT_EOF",
      "SSH_SCP_WAIT_CLOSE",
      "SSH_SCP_CHANNEL_FREE",
      "SSH_SESSION_DISCONNECT",
      "SSH_SESSION_FREE",
      "QUIT"
    };

    /* stay quiet when the state is merely re-asserted */
    if(sshc->state != nowstate) {
      infof(data, "SSH %p state change from %s to %s (line %d)",
            (void *) sshc, names[sshc->state], names[nowstate],
            lineno);
    }
  #endif

    sshc->state = nowstate;
  }
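  /*
   * myssh_is_known() decides whether the server's host key is acceptable.
   *
   * The checks are tried in this order:
   * 1. data->set.str[STRING_SSH_HOST_PUBLIC_KEY_MD5] is set with an MD5
   *    hash (90s style auth, not sure we should have it here). The server
   *    key's MD5 fingerprint must equal it (case-insensitive hex compare);
   *    known hosts and the callback are not consulted in this mode.
   * 2. data->set.ssl.primary.verifyhost is not TRUE. The key is accepted
   *    without any known hosts lookup.
   * 3. data->set.ssh_keyfunc callback is set. It receives the known hosts
   *    verdict and both keys and decides (this is what allows trust on first
   *    use). We even save on knownhosts if CURLKHSTAT_FINE_ADD_TO_FILE
   *    is returned by it.
   * 4. none of the above. We only accept if it is present on known hosts.
   *
   * Returns SSH_OK when the key is accepted. Any other value means the key
   * was rejected or could not be checked, and the caller must not continue.
   */
  static int myssh_is_known(struct Curl_easy *data)
  {
    int rc;
    struct connectdata *conn = data->conn;
    struct ssh_conn *sshc = &conn->proto.sshc;
    ssh_key pubkey;
    size_t hlen;
    unsigned char *hash = NULL;
    char *found_base64 = NULL;
    char *known_base64 = NULL;
    int vstate;
    enum curl_khmatch keymatch;
    struct curl_khkey foundkey;
    struct curl_khkey *knownkeyp = NULL;
    curl_sshkeycallback func =
      data->set.ssh_keyfunc;

  #if LIBSSH_VERSION_INT >= SSH_VERSION_INT(0,9,0)
    struct ssh_knownhosts_entry *knownhostsentry = NULL;
    struct curl_khkey knownkey;
  #endif

  #if LIBSSH_VERSION_INT >= SSH_VERSION_INT(0,8,0)
    rc = ssh_get_server_publickey(sshc->ssh_session, &pubkey);
  #else
    rc = ssh_get_publickey(sshc->ssh_session, &pubkey);
  #endif
    /* nothing has been acquired yet, so a plain return is enough here */
    if(rc != SSH_OK)
      return rc;

    if(data->set.str[STRING_SSH_HOST_PUBLIC_KEY_MD5]) {
      int i;
      char md5buffer[33]; /* 16 bytes as 32 hex digits plus the terminator */
      const char *pubkey_md5 = data->set.str[STRING_SSH_HOST_PUBLIC_KEY_MD5];

      rc = ssh_get_publickey_hash(pubkey, SSH_PUBLICKEY_HASH_MD5,
                                  &hash, &hlen);
      if(rc != SSH_OK || hlen != 16) {
        failf(data,
              "Denied establishing ssh session: md5 fingerprint not available");
        /* Fail closed: when only the length check trips, rc is still SSH_OK
           and returning it unchanged would accept the host although the
           pinned fingerprint was never compared. */
        rc = SSH_ERROR;
        goto cleanup;
      }

      for(i = 0; i < 16; i++)
        msnprintf(&md5buffer[i*2], 3, "%02x", (unsigned char)hash[i]);

      infof(data, "SSH MD5 fingerprint: %s", md5buffer);

      if(!strcasecompare(md5buffer, pubkey_md5)) {
        failf(data,
              "Denied establishing ssh session: mismatch md5 fingerprint. "
              "Remote %s is not equal to %s", md5buffer, pubkey_md5);
        rc = SSH_ERROR;
        goto cleanup;
      }

      /* the pinned fingerprint matched; no further checks in this mode */
      rc = SSH_OK;
      goto cleanup;
    }

    /* Host verification switched off by the application: accept the key
       without looking at known hosts and without calling the callback. */
    if(data->set.ssl.primary.verifyhost != TRUE) {
      rc = SSH_OK;
      goto cleanup;
    }

  #if LIBSSH_VERSION_INT >= SSH_VERSION_INT(0,9,0)
    /* Get the known_key from the known hosts file */
    vstate = ssh_session_get_known_hosts_entry(sshc->ssh_session,
                                               &knownhostsentry);

    /* Case an entry was found in a known hosts file */
    if(knownhostsentry) {
      if(knownhostsentry->publickey) {
        rc = ssh_pki_export_pubkey_base64(knownhostsentry->publickey,
                                          &known_base64);
        if(rc != SSH_OK) {
          goto cleanup;
        }
        knownkey.key = known_base64;
        knownkey.len = strlen(known_base64);

        switch(ssh_key_type(knownhostsentry->publickey)) {
        case SSH_KEYTYPE_RSA:
          knownkey.keytype = CURLKHTYPE_RSA;
          break;
        case SSH_KEYTYPE_RSA1:
          knownkey.keytype = CURLKHTYPE_RSA1;
          break;
        case SSH_KEYTYPE_ECDSA:
        case SSH_KEYTYPE_ECDSA_P256:
        case SSH_KEYTYPE_ECDSA_P384:
        case SSH_KEYTYPE_ECDSA_P521:
          knownkey.keytype = CURLKHTYPE_ECDSA;
          break;
        case SSH_KEYTYPE_ED25519:
          knownkey.keytype = CURLKHTYPE_ED25519;
          break;
        case SSH_KEYTYPE_DSS:
          knownkey.keytype = CURLKHTYPE_DSS;
          break;
        default:
          /* a key type we cannot describe to the callback: reject */
          rc = SSH_ERROR;
          goto cleanup;
        }
        knownkeyp = &knownkey;
      }
    }

    /* NOTE(review): SSH_KNOWN_HOSTS_OTHER (per the libssh API documentation,
       the recorded key is of another type than the one presented) and
       SSH_KNOWN_HOSTS_ERROR are reported as MISSING rather than MISMATCH. A
       callback that accepts MISSING keys on first use accepts these cases
       too; confirm that this mapping is intended. Without a callback every
       verdict other than OK is rejected further down. */
    switch(vstate) {
    case SSH_KNOWN_HOSTS_OK:
      keymatch = CURLKHMATCH_OK;
      break;
    case SSH_KNOWN_HOSTS_OTHER:
      /* fallthrough */
    case SSH_KNOWN_HOSTS_NOT_FOUND:
      /* fallthrough */
    case SSH_KNOWN_HOSTS_UNKNOWN:
      /* fallthrough */
    case SSH_KNOWN_HOSTS_ERROR:
      keymatch = CURLKHMATCH_MISSING;
      break;
    default:
      /* remaining verdicts, such as SSH_KNOWN_HOSTS_CHANGED */
      keymatch = CURLKHMATCH_MISMATCH;
      break;
    }
  #else
    /* older libssh: only the verdict is available, knownkeyp stays NULL */
    vstate = ssh_is_server_known(sshc->ssh_session);
    switch(vstate) {
    case SSH_SERVER_KNOWN_OK:
      keymatch = CURLKHMATCH_OK;
      break;
    case SSH_SERVER_FILE_NOT_FOUND:
      /* fallthrough */
    case SSH_SERVER_NOT_KNOWN:
      keymatch = CURLKHMATCH_MISSING;
      break;
    default:
      keymatch = CURLKHMATCH_MISMATCH;
      break;
    }
  #endif

    if(func) { /* use callback to determine action */
      rc = ssh_pki_export_pubkey_base64(pubkey, &found_base64);
      if(rc != SSH_OK)
        goto cleanup;

      foundkey.key = found_base64;
      foundkey.len = strlen(found_base64);

      switch(ssh_key_type(pubkey)) {
      case SSH_KEYTYPE_RSA:
        foundkey.keytype = CURLKHTYPE_RSA;
        break;
      case SSH_KEYTYPE_RSA1:
        foundkey.keytype = CURLKHTYPE_RSA1;
        break;
      case SSH_KEYTYPE_ECDSA:
  #if LIBSSH_VERSION_INT >= SSH_VERSION_INT(0,9,0)
      case SSH_KEYTYPE_ECDSA_P256:
      case SSH_KEYTYPE_ECDSA_P384:
      case SSH_KEYTYPE_ECDSA_P521:
  #endif
        foundkey.keytype = CURLKHTYPE_ECDSA;
        break;
  #if LIBSSH_VERSION_INT >= SSH_VERSION_INT(0,7,0)
      case SSH_KEYTYPE_ED25519:
        foundkey.keytype = CURLKHTYPE_ED25519;
        break;
  #endif
      case SSH_KEYTYPE_DSS:
        foundkey.keytype = CURLKHTYPE_DSS;
        break;
      default:
        /* a key type we cannot describe to the callback: reject */
        rc = SSH_ERROR;
        goto cleanup;
      }

      Curl_set_in_callback(data, true);
      rc = func(data, knownkeyp, /* from the knownhosts file */
                &foundkey, /* from the remote host */
                keymatch, data->set.ssh_keyfunc_userp);
      Curl_set_in_callback(data, false);

      switch(rc) {
      case CURLKHSTAT_FINE_ADD_TO_FILE:
  #if LIBSSH_VERSION_INT >= SSH_VERSION_INT(0,8,0)
        rc = ssh_session_update_known_hosts(sshc->ssh_session);
  #else
        rc = ssh_write_knownhost(sshc->ssh_session);
  #endif
        /* a key that could not be stored is treated as not accepted */
        if(rc != SSH_OK) {
          goto cleanup;
        }
        break;
      case CURLKHSTAT_FINE:
        break;
      default: /* REJECT/DEFER */
        /* any answer that is not an explicit accept rejects the key */
        rc = SSH_ERROR;
        goto cleanup;
      }
    }
    else {
      /* no callback: only a key already present in known hosts passes */
      if(keymatch != CURLKHMATCH_OK) {
        rc = SSH_ERROR;
        goto cleanup;
      }
    }
    rc = SSH_OK;

  cleanup:
    /* (free) is parenthesised so that a function-like free() macro
       (presumably the one from memdebug.h) is not applied to buffers that
       libssh allocated. free(NULL) is a no-op, so no guard is needed. */
    (free)(found_base64);
    (free)(known_base64);
    if(hash)
      ssh_clean_pubkey_hash(&hash);
    ssh_key_free(pubkey);
  #if LIBSSH_VERSION_INT >= SSH_VERSION_INT(0,9,0)
    if(knownhostsentry) {
      ssh_knownhosts_entry_free(knownhostsentry);
    }
  #endif
    return rc;
  }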
  /*
   * State-transition helpers. Each one expands in place and relies on 'data',
   * 'sshc' and 'rc' being in scope at the expansion site.
   */

  /* Give up on the session: switch to SSH_SESSION_DISCONNECT, store _r as the
     result code in sshc->actualcode and set rc to SSH_ERROR. */
  #define MOVE_TO_ERROR_STATE(_r) do { \
      state(data, SSH_SESSION_DISCONNECT); \
      sshc->actualcode = _r; \
      rc = SSH_ERROR; \
    } while(0)

  /* Fail an SFTP operation: switch to SSH_SFTP_CLOSE and store the CURLcode
     that corresponds to the SFTP session's last error; rc becomes
     SSH_ERROR. */
  #define MOVE_TO_SFTP_CLOSE_STATE() do { \
      state(data, SSH_SFTP_CLOSE); \
      sshc->actualcode = \
        sftp_error_to_CURLE(sftp_get_error(sshc->sftp_session)); \
      rc = SSH_ERROR; \
    } while(0)

  /*
   * Authentication fallback chain. The three macros below select the next
   * method from the bitmask in sshc->auth_methods, in the order GSSAPI,
   * keyboard-interactive, password.
   * NOTE(review): only sshc->auth_methods is tested here, not the
   * application's data->set.ssh_auth_types mask; presumably each target
   * state checks that itself, as SSH_AUTH_PKEY_INIT does - confirm.
   */

  /* Last resort: password authentication if available, otherwise the login
     is denied and the session is torn down. */
  #define MOVE_TO_LAST_AUTH do { \
      if(sshc->auth_methods & SSH_AUTH_METHOD_PASSWORD) { \
        rc = SSH_OK; \
        state(data, SSH_AUTH_PASS_INIT); \
      } \
      else { \
        MOVE_TO_ERROR_STATE(CURLE_LOGIN_DENIED); \
      } \
    } while(0)

  /* Third choice: keyboard-interactive (state SSH_AUTH_KEY_INIT), else fall
     back to MOVE_TO_LAST_AUTH. */
  #define MOVE_TO_TERTIARY_AUTH do { \
      if(sshc->auth_methods & SSH_AUTH_METHOD_INTERACTIVE) { \
        rc = SSH_OK; \
        state(data, SSH_AUTH_KEY_INIT); \
      } \
      else { \
        MOVE_TO_LAST_AUTH; \
      } \
    } while(0)

  /* Second choice: GSSAPI, else fall back to MOVE_TO_TERTIARY_AUTH. */
  #define MOVE_TO_SECONDARY_AUTH do { \
      if(sshc->auth_methods & SSH_AUTH_METHOD_GSSAPI_MIC) { \
        rc = SSH_OK; \
        state(data, SSH_AUTH_GSSAPI); \
      } \
      else { \
        MOVE_TO_TERTIARY_AUTH; \
      } \
    } while(0)
  /*
   * myssh_auth_interactive() performs keyboard-interactive authentication as
   * a resumable step function. sshc->kbd_state records the step reached, so
   * the function can be called again after it returned SSH_AGAIN.
   *
   * Only the simplest exchange is supported: the server must ask exactly one
   * question, which is answered with conn->passwd, and must not ask anything
   * further. The prompt text itself is not inspected.
   *
   * Returns SSH_AGAIN when the call has to be repeated, SSH_OK when the server
   * accepted the authentication and SSH_ERROR otherwise.
   *
   * NOTE(review): the early 'return SSH_ERROR' in step 1 leaves kbd_state at
   * 1 instead of resetting it to 0; confirm that this function is not entered
   * again on the same session after such a failure.
   */
  static
  int myssh_auth_interactive(struct connectdata *conn)
  {
    int rc;
    struct ssh_conn *sshc = &conn->proto.sshc;
    int nprompts;

  restart:
    switch(sshc->kbd_state) {
    case 0:
      /* step 0: start the exchange and fetch the server's prompts */
      rc = ssh_userauth_kbdint(sshc->ssh_session, NULL, NULL);
      if(rc == SSH_AUTH_AGAIN)
        return SSH_AGAIN;

      if(rc != SSH_AUTH_INFO)
        return SSH_ERROR;

      /* anything but a single prompt cannot be answered with one password */
      nprompts = ssh_userauth_kbdint_getnprompts(sshc->ssh_session);
      if(nprompts != 1)
        return SSH_ERROR;

      rc = ssh_userauth_kbdint_setanswer(sshc->ssh_session, 0, conn->passwd);
      if(rc < 0)
        return SSH_ERROR;

      /* FALLTHROUGH */
    case 1:
      /* step 1: send the answer; the step is stored first so that a retry
         after SSH_AGAIN resumes here and does not queue the answer again */
      sshc->kbd_state = 1;

      rc = ssh_userauth_kbdint(sshc->ssh_session, NULL, NULL);
      if(rc == SSH_AUTH_AGAIN)
        return SSH_AGAIN;
      else if(rc == SSH_AUTH_SUCCESS)
        rc = SSH_OK;
      else if(rc == SSH_AUTH_INFO) {
        /* another info round is only tolerated when it carries no prompts */
        nprompts = ssh_userauth_kbdint_getnprompts(sshc->ssh_session);
        if(nprompts)
          return SSH_ERROR;

        sshc->kbd_state = 2;
        goto restart;
      }
      else
        rc = SSH_ERROR;
      break;
    case 2:
      /* step 2: complete the exchange after the empty info round */
      sshc->kbd_state = 2;

      rc = ssh_userauth_kbdint(sshc->ssh_session, NULL, NULL);
      if(rc == SSH_AUTH_AGAIN)
        return SSH_AGAIN;
      else if(rc == SSH_AUTH_SUCCESS)
        rc = SSH_OK;
      else
        rc = SSH_ERROR;

      break;
    default:
      return SSH_ERROR;
    }

    /* exchange finished (accepted or refused): start over on the next use */
    sshc->kbd_state = 0;
    return rc;
  }
  608. /*
  609. * myssh_statemach_act() runs the SSH state machine as far as it can without
  610. * blocking and without reaching the end. The data the pointer 'block' points
  611. * to will be set to TRUE if the libssh function returns SSH_AGAIN
  612. * meaning it wants to be called again when the socket is ready
  613. */
  614. static CURLcode myssh_statemach_act(struct Curl_easy *data, bool *block)
  615. {
  616. CURLcode result = CURLE_OK;
  617. struct connectdata *conn = data->conn;
  618. struct SSHPROTO *protop = data->req.p.ssh;
  619. struct ssh_conn *sshc = &conn->proto.sshc;
  620. curl_socket_t sock = conn->sock[FIRSTSOCKET];
  621. int rc = SSH_NO_ERROR, err;
  622. char *new_readdir_line;
  623. int seekerr = CURL_SEEKFUNC_OK;
  624. const char *err_msg;
  625. *block = 0; /* we're not blocking by default */
  626. do {
  627. switch(sshc->state) {
  628. case SSH_INIT:
  629. sshc->secondCreateDirs = 0;
  630. sshc->nextstate = SSH_NO_STATE;
  631. sshc->actualcode = CURLE_OK;
  632. #if 0
  633. ssh_set_log_level(SSH_LOG_PROTOCOL);
  634. #endif
  635. /* Set libssh to non-blocking, since everything internally is
  636. non-blocking */
  637. ssh_set_blocking(sshc->ssh_session, 0);
  638. state(data, SSH_S_STARTUP);
  639. /* FALLTHROUGH */
  640. case SSH_S_STARTUP:
  641. rc = ssh_connect(sshc->ssh_session);
  642. if(rc == SSH_AGAIN)
  643. break;
  644. if(rc != SSH_OK) {
  645. failf(data, "Failure establishing ssh session");
  646. MOVE_TO_ERROR_STATE(CURLE_FAILED_INIT);
  647. break;
  648. }
  649. state(data, SSH_HOSTKEY);
  650. /* FALLTHROUGH */
  651. case SSH_HOSTKEY:
  652. rc = myssh_is_known(data);
  653. if(rc != SSH_OK) {
  654. MOVE_TO_ERROR_STATE(CURLE_PEER_FAILED_VERIFICATION);
  655. break;
  656. }
  657. state(data, SSH_AUTHLIST);
  658. /* FALLTHROUGH */
  659. case SSH_AUTHLIST:{
  660. sshc->authed = FALSE;
  661. rc = ssh_userauth_none(sshc->ssh_session, NULL);
  662. if(rc == SSH_AUTH_AGAIN) {
  663. rc = SSH_AGAIN;
  664. break;
  665. }
  666. if(rc == SSH_AUTH_SUCCESS) {
  667. sshc->authed = TRUE;
  668. infof(data, "Authenticated with none");
  669. state(data, SSH_AUTH_DONE);
  670. break;
  671. }
  672. else if(rc == SSH_AUTH_ERROR) {
  673. MOVE_TO_ERROR_STATE(CURLE_LOGIN_DENIED);
  674. break;
  675. }
  676. sshc->auth_methods = ssh_userauth_list(sshc->ssh_session, NULL);
  677. if(sshc->auth_methods & SSH_AUTH_METHOD_PUBLICKEY) {
  678. state(data, SSH_AUTH_PKEY_INIT);
  679. infof(data, "Authentication using SSH public key file");
  680. }
  681. else if(sshc->auth_methods & SSH_AUTH_METHOD_GSSAPI_MIC) {
  682. state(data, SSH_AUTH_GSSAPI);
  683. }
  684. else if(sshc->auth_methods & SSH_AUTH_METHOD_INTERACTIVE) {
  685. state(data, SSH_AUTH_KEY_INIT);
  686. }
  687. else if(sshc->auth_methods & SSH_AUTH_METHOD_PASSWORD) {
  688. state(data, SSH_AUTH_PASS_INIT);
  689. }
  690. else { /* unsupported authentication method */
  691. MOVE_TO_ERROR_STATE(CURLE_LOGIN_DENIED);
  692. break;
  693. }
  694. break;
  695. }
  696. case SSH_AUTH_PKEY_INIT:
  697. if(!(data->set.ssh_auth_types & CURLSSH_AUTH_PUBLICKEY)) {
  698. MOVE_TO_SECONDARY_AUTH;
  699. break;
  700. }
  701. /* Two choices, (1) private key was given on CMD,
  702. * (2) use the "default" keys. */
  703. if(data->set.str[STRING_SSH_PRIVATE_KEY]) {
  704. if(sshc->pubkey && !data->set.ssl.key_passwd) {
  705. rc = ssh_userauth_try_publickey(sshc->ssh_session, NULL,
  706. sshc->pubkey);
  707. if(rc == SSH_AUTH_AGAIN) {
  708. rc = SSH_AGAIN;
  709. break;
  710. }
  711. if(rc != SSH_OK) {
  712. MOVE_TO_SECONDARY_AUTH;
  713. break;
  714. }
  715. }
  716. rc = ssh_pki_import_privkey_file(data->
  717. set.str[STRING_SSH_PRIVATE_KEY],
  718. data->set.ssl.key_passwd, NULL,
  719. NULL, &sshc->privkey);
  720. if(rc != SSH_OK) {
  721. failf(data, "Could not load private key file %s",
  722. data->set.str[STRING_SSH_PRIVATE_KEY]);
  723. MOVE_TO_ERROR_STATE(CURLE_LOGIN_DENIED);
  724. break;
  725. }
  726. state(data, SSH_AUTH_PKEY);
  727. break;
  728. }
  729. else {
  730. rc = ssh_userauth_publickey_auto(sshc->ssh_session, NULL,
  731. data->set.ssl.key_passwd);
  732. if(rc == SSH_AUTH_AGAIN) {
  733. rc = SSH_AGAIN;
  734. break;
  735. }
  736. if(rc == SSH_AUTH_SUCCESS) {
  737. rc = SSH_OK;
  738. sshc->authed = TRUE;
  739. infof(data, "Completed public key authentication");
  740. state(data, SSH_AUTH_DONE);
  741. break;
  742. }
  743. MOVE_TO_SECONDARY_AUTH;
  744. }
  745. break;
  746. case SSH_AUTH_PKEY:
  747. rc = ssh_userauth_publickey(sshc->ssh_session, NULL, sshc->privkey);
  748. if(rc == SSH_AUTH_AGAIN) {
  749. rc = SSH_AGAIN;
  750. break;
  751. }
  752. if(rc == SSH_AUTH_SUCCESS) {
  753. sshc->authed = TRUE;
  754. infof(data, "Completed public key authentication");
  755. state(data, SSH_AUTH_DONE);
  756. break;
  757. }
  758. else {
  759. infof(data, "Failed public key authentication (rc: %d)", rc);
  760. MOVE_TO_SECONDARY_AUTH;
  761. }
  762. break;
  763. case SSH_AUTH_GSSAPI:
  764. if(!(data->set.ssh_auth_types & CURLSSH_AUTH_GSSAPI)) {
  765. MOVE_TO_TERTIARY_AUTH;
  766. break;
  767. }
  768. rc = ssh_userauth_gssapi(sshc->ssh_session);
  769. if(rc == SSH_AUTH_AGAIN) {
  770. rc = SSH_AGAIN;
  771. break;
  772. }
  773. if(rc == SSH_AUTH_SUCCESS) {
  774. rc = SSH_OK;
  775. sshc->authed = TRUE;
  776. infof(data, "Completed gssapi authentication");
  777. state(data, SSH_AUTH_DONE);
  778. break;
  779. }
  780. MOVE_TO_TERTIARY_AUTH;
  781. break;
  782. case SSH_AUTH_KEY_INIT:
  783. if(data->set.ssh_auth_types & CURLSSH_AUTH_KEYBOARD) {
  784. state(data, SSH_AUTH_KEY);
  785. }
  786. else {
  787. MOVE_TO_LAST_AUTH;
  788. }
  789. break;
  790. case SSH_AUTH_KEY:
  791. /* Authentication failed. Continue with keyboard-interactive now. */
  792. rc = myssh_auth_interactive(conn);
  793. if(rc == SSH_AGAIN) {
  794. break;
  795. }
  796. if(rc == SSH_OK) {
  797. sshc->authed = TRUE;
  798. infof(data, "completed keyboard interactive authentication");
  799. }
  800. state(data, SSH_AUTH_DONE);
  801. break;
  802. case SSH_AUTH_PASS_INIT:
  803. if(!(data->set.ssh_auth_types & CURLSSH_AUTH_PASSWORD)) {
  804. /* Host key authentication is intentionally not implemented */
  805. MOVE_TO_ERROR_STATE(CURLE_LOGIN_DENIED);
  806. break;
  807. }
  808. state(data, SSH_AUTH_PASS);
  809. /* FALLTHROUGH */
  810. case SSH_AUTH_PASS:
  811. rc = ssh_userauth_password(sshc->ssh_session, NULL, conn->passwd);
  812. if(rc == SSH_AUTH_AGAIN) {
  813. rc = SSH_AGAIN;
  814. break;
  815. }
  816. if(rc == SSH_AUTH_SUCCESS) {
  817. sshc->authed = TRUE;
  818. infof(data, "Completed password authentication");
  819. state(data, SSH_AUTH_DONE);
  820. }
  821. else {
  822. MOVE_TO_ERROR_STATE(CURLE_LOGIN_DENIED);
  823. }
  824. break;
  825. case SSH_AUTH_DONE:
  826. if(!sshc->authed) {
  827. failf(data, "Authentication failure");
  828. MOVE_TO_ERROR_STATE(CURLE_LOGIN_DENIED);
  829. break;
  830. }
  831. /*
  832. * At this point we have an authenticated ssh session.
  833. */
  834. infof(data, "Authentication complete");
  835. Curl_pgrsTime(data, TIMER_APPCONNECT); /* SSH is connected */
  836. conn->sockfd = sock;
  837. conn->writesockfd = CURL_SOCKET_BAD;
  838. if(conn->handler->protocol == CURLPROTO_SFTP) {
  839. state(data, SSH_SFTP_INIT);
  840. break;
  841. }
  842. infof(data, "SSH CONNECT phase done");
  843. state(data, SSH_STOP);
  844. break;
  845. case SSH_SFTP_INIT:
  846. ssh_set_blocking(sshc->ssh_session, 1);
  847. sshc->sftp_session = sftp_new(sshc->ssh_session);
  848. if(!sshc->sftp_session) {
  849. failf(data, "Failure initializing sftp session: %s",
  850. ssh_get_error(sshc->ssh_session));
  851. MOVE_TO_ERROR_STATE(CURLE_COULDNT_CONNECT);
  852. break;
  853. }
  854. rc = sftp_init(sshc->sftp_session);
  855. if(rc != SSH_OK) {
  856. failf(data, "Failure initializing sftp session: %s",
  857. ssh_get_error(sshc->ssh_session));
  858. MOVE_TO_ERROR_STATE(sftp_error_to_CURLE(SSH_FX_FAILURE));
  859. break;
  860. }
  861. state(data, SSH_SFTP_REALPATH);
  862. /* FALLTHROUGH */
  863. case SSH_SFTP_REALPATH:
  864. /*
  865. * Get the "home" directory
  866. */
  867. sshc->homedir = sftp_canonicalize_path(sshc->sftp_session, ".");
  868. if(!sshc->homedir) {
  869. MOVE_TO_ERROR_STATE(CURLE_COULDNT_CONNECT);
  870. break;
  871. }
  872. data->state.most_recent_ftp_entrypath = sshc->homedir;
  873. /* This is the last step in the SFTP connect phase. Do note that while
  874. we get the homedir here, we get the "workingpath" in the DO action
  875. since the homedir will remain the same between request but the
  876. working path will not. */
  877. DEBUGF(infof(data, "SSH CONNECT phase done"));
  878. state(data, SSH_STOP);
  879. break;
  880. case SSH_SFTP_QUOTE_INIT:
  881. result = Curl_getworkingpath(data, sshc->homedir, &protop->path);
  882. if(result) {
  883. sshc->actualcode = result;
  884. state(data, SSH_STOP);
  885. break;
  886. }
  887. if(data->set.quote) {
  888. infof(data, "Sending quote commands");
  889. sshc->quote_item = data->set.quote;
  890. state(data, SSH_SFTP_QUOTE);
  891. }
  892. else {
  893. state(data, SSH_SFTP_GETINFO);
  894. }
  895. break;
  896. case SSH_SFTP_POSTQUOTE_INIT:
  897. if(data->set.postquote) {
  898. infof(data, "Sending quote commands");
  899. sshc->quote_item = data->set.postquote;
  900. state(data, SSH_SFTP_QUOTE);
  901. }
  902. else {
  903. state(data, SSH_STOP);
  904. }
  905. break;
  906. case SSH_SFTP_QUOTE:
  907. /* Send any quote commands */
  908. sftp_quote(data);
  909. break;
  910. case SSH_SFTP_NEXT_QUOTE:
  911. Curl_safefree(sshc->quote_path1);
  912. Curl_safefree(sshc->quote_path2);
  913. sshc->quote_item = sshc->quote_item->next;
  914. if(sshc->quote_item) {
  915. state(data, SSH_SFTP_QUOTE);
  916. }
  917. else {
  918. if(sshc->nextstate != SSH_NO_STATE) {
  919. state(data, sshc->nextstate);
  920. sshc->nextstate = SSH_NO_STATE;
  921. }
  922. else {
  923. state(data, SSH_SFTP_GETINFO);
  924. }
  925. }
  926. break;
  927. case SSH_SFTP_QUOTE_STAT:
  928. sftp_quote_stat(data);
  929. break;
  930. case SSH_SFTP_QUOTE_SETSTAT:
  931. rc = sftp_setstat(sshc->sftp_session, sshc->quote_path2,
  932. sshc->quote_attrs);
  933. if(rc && !sshc->acceptfail) {
  934. Curl_safefree(sshc->quote_path1);
  935. Curl_safefree(sshc->quote_path2);
  936. failf(data, "Attempt to set SFTP stats failed: %s",
  937. ssh_get_error(sshc->ssh_session));
  938. state(data, SSH_SFTP_CLOSE);
  939. sshc->nextstate = SSH_NO_STATE;
  940. sshc->actualcode = CURLE_QUOTE_ERROR;
  941. /* sshc->actualcode = sftp_error_to_CURLE(err);
  942. * we do not send the actual error; we return
  943. * the error the libssh2 backend is returning */
  944. break;
  945. }
  946. state(data, SSH_SFTP_NEXT_QUOTE);
  947. break;
  948. case SSH_SFTP_QUOTE_SYMLINK:
  949. rc = sftp_symlink(sshc->sftp_session, sshc->quote_path2,
  950. sshc->quote_path1);
  951. if(rc && !sshc->acceptfail) {
  952. Curl_safefree(sshc->quote_path1);
  953. Curl_safefree(sshc->quote_path2);
  954. failf(data, "symlink command failed: %s",
  955. ssh_get_error(sshc->ssh_session));
  956. state(data, SSH_SFTP_CLOSE);
  957. sshc->nextstate = SSH_NO_STATE;
  958. sshc->actualcode = CURLE_QUOTE_ERROR;
  959. break;
  960. }
  961. state(data, SSH_SFTP_NEXT_QUOTE);
  962. break;
  963. case SSH_SFTP_QUOTE_MKDIR:
  964. rc = sftp_mkdir(sshc->sftp_session, sshc->quote_path1,
  965. (mode_t)data->set.new_directory_perms);
  966. if(rc && !sshc->acceptfail) {
  967. Curl_safefree(sshc->quote_path1);
  968. failf(data, "mkdir command failed: %s",
  969. ssh_get_error(sshc->ssh_session));
  970. state(data, SSH_SFTP_CLOSE);
  971. sshc->nextstate = SSH_NO_STATE;
  972. sshc->actualcode = CURLE_QUOTE_ERROR;
  973. break;
  974. }
  975. state(data, SSH_SFTP_NEXT_QUOTE);
  976. break;
  977. case SSH_SFTP_QUOTE_RENAME:
  978. rc = sftp_rename(sshc->sftp_session, sshc->quote_path1,
  979. sshc->quote_path2);
  980. if(rc && !sshc->acceptfail) {
  981. Curl_safefree(sshc->quote_path1);
  982. Curl_safefree(sshc->quote_path2);
  983. failf(data, "rename command failed: %s",
  984. ssh_get_error(sshc->ssh_session));
  985. state(data, SSH_SFTP_CLOSE);
  986. sshc->nextstate = SSH_NO_STATE;
  987. sshc->actualcode = CURLE_QUOTE_ERROR;
  988. break;
  989. }
  990. state(data, SSH_SFTP_NEXT_QUOTE);
  991. break;
  992. case SSH_SFTP_QUOTE_RMDIR:
  993. rc = sftp_rmdir(sshc->sftp_session, sshc->quote_path1);
  994. if(rc && !sshc->acceptfail) {
  995. Curl_safefree(sshc->quote_path1);
  996. failf(data, "rmdir command failed: %s",
  997. ssh_get_error(sshc->ssh_session));
  998. state(data, SSH_SFTP_CLOSE);
  999. sshc->nextstate = SSH_NO_STATE;
  1000. sshc->actualcode = CURLE_QUOTE_ERROR;
  1001. break;
  1002. }
  1003. state(data, SSH_SFTP_NEXT_QUOTE);
  1004. break;
  1005. case SSH_SFTP_QUOTE_UNLINK:
  1006. rc = sftp_unlink(sshc->sftp_session, sshc->quote_path1);
  1007. if(rc && !sshc->acceptfail) {
  1008. Curl_safefree(sshc->quote_path1);
  1009. failf(data, "rm command failed: %s",
  1010. ssh_get_error(sshc->ssh_session));
  1011. state(data, SSH_SFTP_CLOSE);
  1012. sshc->nextstate = SSH_NO_STATE;
  1013. sshc->actualcode = CURLE_QUOTE_ERROR;
  1014. break;
  1015. }
  1016. state(data, SSH_SFTP_NEXT_QUOTE);
  1017. break;
  1018. case SSH_SFTP_QUOTE_STATVFS:
  1019. {
  1020. sftp_statvfs_t statvfs;
  1021. statvfs = sftp_statvfs(sshc->sftp_session, sshc->quote_path1);
  1022. if(!statvfs && !sshc->acceptfail) {
  1023. Curl_safefree(sshc->quote_path1);
  1024. failf(data, "statvfs command failed: %s",
  1025. ssh_get_error(sshc->ssh_session));
  1026. state(data, SSH_SFTP_CLOSE);
  1027. sshc->nextstate = SSH_NO_STATE;
  1028. sshc->actualcode = CURLE_QUOTE_ERROR;
  1029. break;
  1030. }
  1031. else if(statvfs) {
  1032. char *tmp = aprintf("statvfs:\n"
  1033. "f_bsize: %llu\n" "f_frsize: %llu\n"
  1034. "f_blocks: %llu\n" "f_bfree: %llu\n"
  1035. "f_bavail: %llu\n" "f_files: %llu\n"
  1036. "f_ffree: %llu\n" "f_favail: %llu\n"
  1037. "f_fsid: %llu\n" "f_flag: %llu\n"
  1038. "f_namemax: %llu\n",
  1039. statvfs->f_bsize, statvfs->f_frsize,
  1040. statvfs->f_blocks, statvfs->f_bfree,
  1041. statvfs->f_bavail, statvfs->f_files,
  1042. statvfs->f_ffree, statvfs->f_favail,
  1043. statvfs->f_fsid, statvfs->f_flag,
  1044. statvfs->f_namemax);
  1045. sftp_statvfs_free(statvfs);
  1046. if(!tmp) {
  1047. result = CURLE_OUT_OF_MEMORY;
  1048. state(data, SSH_SFTP_CLOSE);
  1049. sshc->nextstate = SSH_NO_STATE;
  1050. break;
  1051. }
  1052. result = Curl_client_write(data, CLIENTWRITE_HEADER, tmp, strlen(tmp));
  1053. free(tmp);
  1054. if(result) {
  1055. state(data, SSH_SFTP_CLOSE);
  1056. sshc->nextstate = SSH_NO_STATE;
  1057. sshc->actualcode = result;
  1058. }
  1059. }
  1060. state(data, SSH_SFTP_NEXT_QUOTE);
  1061. break;
  1062. }
  1063. case SSH_SFTP_GETINFO:
  1064. if(data->set.get_filetime) {
  1065. state(data, SSH_SFTP_FILETIME);
  1066. }
  1067. else {
  1068. state(data, SSH_SFTP_TRANS_INIT);
  1069. }
  1070. break;
  1071. case SSH_SFTP_FILETIME:
  1072. {
  1073. sftp_attributes attrs;
  1074. attrs = sftp_stat(sshc->sftp_session, protop->path);
  1075. if(attrs) {
  1076. data->info.filetime = attrs->mtime;
  1077. sftp_attributes_free(attrs);
  1078. }
  1079. state(data, SSH_SFTP_TRANS_INIT);
  1080. break;
  1081. }
  1082. case SSH_SFTP_TRANS_INIT:
  1083. if(data->set.upload)
  1084. state(data, SSH_SFTP_UPLOAD_INIT);
  1085. else {
  1086. if(protop->path[strlen(protop->path)-1] == '/')
  1087. state(data, SSH_SFTP_READDIR_INIT);
  1088. else
  1089. state(data, SSH_SFTP_DOWNLOAD_INIT);
  1090. }
  1091. break;
  1092. case SSH_SFTP_UPLOAD_INIT:
  1093. {
  1094. int flags;
  1095. if(data->state.resume_from) {
  1096. sftp_attributes attrs;
  1097. if(data->state.resume_from < 0) {
  1098. attrs = sftp_stat(sshc->sftp_session, protop->path);
  1099. if(attrs) {
  1100. curl_off_t size = attrs->size;
  1101. if(size < 0) {
  1102. failf(data, "Bad file size (%" CURL_FORMAT_CURL_OFF_T ")", size);
  1103. MOVE_TO_ERROR_STATE(CURLE_BAD_DOWNLOAD_RESUME);
  1104. break;
  1105. }
  1106. data->state.resume_from = attrs->size;
  1107. sftp_attributes_free(attrs);
  1108. }
  1109. else {
  1110. data->state.resume_from = 0;
  1111. }
  1112. }
  1113. }
  1114. if(data->set.remote_append)
  1115. /* Try to open for append, but create if nonexisting */
  1116. flags = O_WRONLY|O_CREAT|O_APPEND;
  1117. else if(data->state.resume_from > 0)
  1118. /* If we have restart position then open for append */
  1119. flags = O_WRONLY|O_APPEND;
  1120. else
  1121. /* Clear file before writing (normal behavior) */
  1122. flags = O_WRONLY|O_CREAT|O_TRUNC;
  1123. if(sshc->sftp_file)
  1124. sftp_close(sshc->sftp_file);
  1125. sshc->sftp_file =
  1126. sftp_open(sshc->sftp_session, protop->path,
  1127. flags, (mode_t)data->set.new_file_perms);
  1128. if(!sshc->sftp_file) {
  1129. err = sftp_get_error(sshc->sftp_session);
  1130. if(((err == SSH_FX_NO_SUCH_FILE || err == SSH_FX_FAILURE ||
  1131. err == SSH_FX_NO_SUCH_PATH)) &&
  1132. (data->set.ftp_create_missing_dirs &&
  1133. (strlen(protop->path) > 1))) {
  1134. /* try to create the path remotely */
  1135. rc = 0;
  1136. sshc->secondCreateDirs = 1;
  1137. state(data, SSH_SFTP_CREATE_DIRS_INIT);
  1138. break;
  1139. }
  1140. else {
  1141. MOVE_TO_SFTP_CLOSE_STATE();
  1142. break;
  1143. }
  1144. }
  1145. /* If we have a restart point then we need to seek to the correct
  1146. position. */
  1147. if(data->state.resume_from > 0) {
  1148. /* Let's read off the proper amount of bytes from the input. */
  1149. if(conn->seek_func) {
  1150. Curl_set_in_callback(data, true);
  1151. seekerr = conn->seek_func(conn->seek_client, data->state.resume_from,
  1152. SEEK_SET);
  1153. Curl_set_in_callback(data, false);
  1154. }
  1155. if(seekerr != CURL_SEEKFUNC_OK) {
  1156. curl_off_t passed = 0;
  1157. if(seekerr != CURL_SEEKFUNC_CANTSEEK) {
  1158. failf(data, "Could not seek stream");
  1159. return CURLE_FTP_COULDNT_USE_REST;
  1160. }
  1161. /* seekerr == CURL_SEEKFUNC_CANTSEEK (can't seek to offset) */
  1162. do {
  1163. size_t readthisamountnow =
  1164. (data->state.resume_from - passed > data->set.buffer_size) ?
  1165. (size_t)data->set.buffer_size :
  1166. curlx_sotouz(data->state.resume_from - passed);
  1167. size_t actuallyread =
  1168. data->state.fread_func(data->state.buffer, 1,
  1169. readthisamountnow, data->state.in);
  1170. passed += actuallyread;
  1171. if((actuallyread == 0) || (actuallyread > readthisamountnow)) {
  1172. /* this checks for greater-than only to make sure that the
  1173. CURL_READFUNC_ABORT return code still aborts */
  1174. failf(data, "Failed to read data");
  1175. MOVE_TO_ERROR_STATE(CURLE_FTP_COULDNT_USE_REST);
  1176. break;
  1177. }
  1178. } while(passed < data->state.resume_from);
  1179. if(rc)
  1180. break;
  1181. }
  1182. /* now, decrease the size of the read */
  1183. if(data->state.infilesize > 0) {
  1184. data->state.infilesize -= data->state.resume_from;
  1185. data->req.size = data->state.infilesize;
  1186. Curl_pgrsSetUploadSize(data, data->state.infilesize);
  1187. }
  1188. rc = sftp_seek64(sshc->sftp_file, data->state.resume_from);
  1189. if(rc) {
  1190. MOVE_TO_SFTP_CLOSE_STATE();
  1191. break;
  1192. }
  1193. }
  1194. if(data->state.infilesize > 0) {
  1195. data->req.size = data->state.infilesize;
  1196. Curl_pgrsSetUploadSize(data, data->state.infilesize);
  1197. }
  1198. /* upload data */
  1199. Curl_setup_transfer(data, -1, -1, FALSE, FIRSTSOCKET);
  1200. /* not set by Curl_setup_transfer to preserve keepon bits */
  1201. conn->sockfd = conn->writesockfd;
  1202. /* store this original bitmask setup to use later on if we can't
  1203. figure out a "real" bitmask */
  1204. sshc->orig_waitfor = data->req.keepon;
  1205. /* we want to use the _sending_ function even when the socket turns
  1206. out readable as the underlying libssh sftp send function will deal
  1207. with both accordingly */
  1208. conn->cselect_bits = CURL_CSELECT_OUT;
  1209. /* since we don't really wait for anything at this point, we want the
  1210. state machine to move on as soon as possible so we set a very short
  1211. timeout here */
  1212. Curl_expire(data, 0, EXPIRE_RUN_NOW);
  1213. state(data, SSH_STOP);
  1214. break;
  1215. }
  1216. case SSH_SFTP_CREATE_DIRS_INIT:
  1217. if(strlen(protop->path) > 1) {
  1218. sshc->slash_pos = protop->path + 1; /* ignore the leading '/' */
  1219. state(data, SSH_SFTP_CREATE_DIRS);
  1220. }
  1221. else {
  1222. state(data, SSH_SFTP_UPLOAD_INIT);
  1223. }
  1224. break;
  1225. case SSH_SFTP_CREATE_DIRS:
  1226. sshc->slash_pos = strchr(sshc->slash_pos, '/');
  1227. if(sshc->slash_pos) {
  1228. *sshc->slash_pos = 0;
  1229. infof(data, "Creating directory '%s'", protop->path);
  1230. state(data, SSH_SFTP_CREATE_DIRS_MKDIR);
  1231. break;
  1232. }
  1233. state(data, SSH_SFTP_UPLOAD_INIT);
  1234. break;
  1235. case SSH_SFTP_CREATE_DIRS_MKDIR:
  1236. /* 'mode' - parameter is preliminary - default to 0644 */
  1237. rc = sftp_mkdir(sshc->sftp_session, protop->path,
  1238. (mode_t)data->set.new_directory_perms);
  1239. *sshc->slash_pos = '/';
  1240. ++sshc->slash_pos;
  1241. if(rc < 0) {
  1242. /*
  1243. * Abort if failure wasn't that the dir already exists or the
  1244. * permission was denied (creation might succeed further down the
  1245. * path) - retry on unspecific FAILURE also
  1246. */
  1247. err = sftp_get_error(sshc->sftp_session);
  1248. if((err != SSH_FX_FILE_ALREADY_EXISTS) &&
  1249. (err != SSH_FX_FAILURE) &&
  1250. (err != SSH_FX_PERMISSION_DENIED)) {
  1251. MOVE_TO_SFTP_CLOSE_STATE();
  1252. break;
  1253. }
  1254. rc = 0; /* clear rc and continue */
  1255. }
  1256. state(data, SSH_SFTP_CREATE_DIRS);
  1257. break;
  1258. case SSH_SFTP_READDIR_INIT:
  1259. Curl_pgrsSetDownloadSize(data, -1);
  1260. if(data->set.opt_no_body) {
  1261. state(data, SSH_STOP);
  1262. break;
  1263. }
  1264. /*
  1265. * This is a directory that we are trying to get, so produce a directory
  1266. * listing
  1267. */
  1268. sshc->sftp_dir = sftp_opendir(sshc->sftp_session,
  1269. protop->path);
  1270. if(!sshc->sftp_dir) {
  1271. failf(data, "Could not open directory for reading: %s",
  1272. ssh_get_error(sshc->ssh_session));
  1273. MOVE_TO_SFTP_CLOSE_STATE();
  1274. break;
  1275. }
  1276. state(data, SSH_SFTP_READDIR);
  1277. break;
  1278. case SSH_SFTP_READDIR:
  1279. if(sshc->readdir_attrs)
  1280. sftp_attributes_free(sshc->readdir_attrs);
  1281. sshc->readdir_attrs = sftp_readdir(sshc->sftp_session, sshc->sftp_dir);
  1282. if(sshc->readdir_attrs) {
  1283. sshc->readdir_filename = sshc->readdir_attrs->name;
  1284. sshc->readdir_longentry = sshc->readdir_attrs->longname;
  1285. sshc->readdir_len = strlen(sshc->readdir_filename);
  1286. if(data->set.list_only) {
  1287. char *tmpLine;
  1288. tmpLine = aprintf("%s\n", sshc->readdir_filename);
  1289. if(!tmpLine) {
  1290. state(data, SSH_SFTP_CLOSE);
  1291. sshc->actualcode = CURLE_OUT_OF_MEMORY;
  1292. break;
  1293. }
  1294. result = Curl_client_write(data, CLIENTWRITE_BODY,
  1295. tmpLine, sshc->readdir_len + 1);
  1296. free(tmpLine);
  1297. if(result) {
  1298. state(data, SSH_STOP);
  1299. break;
  1300. }
  1301. /* since this counts what we send to the client, we include the
  1302. newline in this counter */
  1303. data->req.bytecount += sshc->readdir_len + 1;
  1304. /* output debug output if that is requested */
  1305. Curl_debug(data, CURLINFO_DATA_OUT, (char *)sshc->readdir_filename,
  1306. sshc->readdir_len);
  1307. }
  1308. else {
  1309. sshc->readdir_currLen = strlen(sshc->readdir_longentry);
  1310. sshc->readdir_totalLen = 80 + sshc->readdir_currLen;
  1311. sshc->readdir_line = calloc(sshc->readdir_totalLen, 1);
  1312. if(!sshc->readdir_line) {
  1313. state(data, SSH_SFTP_CLOSE);
  1314. sshc->actualcode = CURLE_OUT_OF_MEMORY;
  1315. break;
  1316. }
  1317. memcpy(sshc->readdir_line, sshc->readdir_longentry,
  1318. sshc->readdir_currLen);
  1319. if((sshc->readdir_attrs->flags & SSH_FILEXFER_ATTR_PERMISSIONS) &&
  1320. ((sshc->readdir_attrs->permissions & SSH_S_IFMT) ==
  1321. SSH_S_IFLNK)) {
  1322. sshc->readdir_linkPath = aprintf("%s%s", protop->path,
  1323. sshc->readdir_filename);
  1324. if(!sshc->readdir_linkPath) {
  1325. state(data, SSH_SFTP_CLOSE);
  1326. sshc->actualcode = CURLE_OUT_OF_MEMORY;
  1327. break;
  1328. }
  1329. state(data, SSH_SFTP_READDIR_LINK);
  1330. break;
  1331. }
  1332. state(data, SSH_SFTP_READDIR_BOTTOM);
  1333. break;
  1334. }
  1335. }
  1336. else if(sftp_dir_eof(sshc->sftp_dir)) {
  1337. state(data, SSH_SFTP_READDIR_DONE);
  1338. break;
  1339. }
  1340. else {
  1341. failf(data, "Could not open remote file for reading: %s",
  1342. ssh_get_error(sshc->ssh_session));
  1343. MOVE_TO_SFTP_CLOSE_STATE();
  1344. break;
  1345. }
  1346. break;
  1347. case SSH_SFTP_READDIR_LINK:
  1348. if(sshc->readdir_link_attrs)
  1349. sftp_attributes_free(sshc->readdir_link_attrs);
  1350. sshc->readdir_link_attrs = sftp_lstat(sshc->sftp_session,
  1351. sshc->readdir_linkPath);
  1352. if(sshc->readdir_link_attrs == 0) {
  1353. failf(data, "Could not read symlink for reading: %s",
  1354. ssh_get_error(sshc->ssh_session));
  1355. MOVE_TO_SFTP_CLOSE_STATE();
  1356. break;
  1357. }
  1358. if(!sshc->readdir_link_attrs->name) {
  1359. sshc->readdir_tmp = sftp_readlink(sshc->sftp_session,
  1360. sshc->readdir_linkPath);
  1361. if(!sshc->readdir_filename)
  1362. sshc->readdir_len = 0;
  1363. else
  1364. sshc->readdir_len = strlen(sshc->readdir_tmp);
  1365. sshc->readdir_longentry = NULL;
  1366. sshc->readdir_filename = sshc->readdir_tmp;
  1367. }
  1368. else {
  1369. sshc->readdir_len = strlen(sshc->readdir_link_attrs->name);
  1370. sshc->readdir_filename = sshc->readdir_link_attrs->name;
  1371. sshc->readdir_longentry = sshc->readdir_link_attrs->longname;
  1372. }
  1373. Curl_safefree(sshc->readdir_linkPath);
  1374. /* get room for the filename and extra output */
  1375. sshc->readdir_totalLen += 4 + sshc->readdir_len;
  1376. new_readdir_line = Curl_saferealloc(sshc->readdir_line,
  1377. sshc->readdir_totalLen);
  1378. if(!new_readdir_line) {
  1379. sshc->readdir_line = NULL;
  1380. state(data, SSH_SFTP_CLOSE);
  1381. sshc->actualcode = CURLE_OUT_OF_MEMORY;
  1382. break;
  1383. }
  1384. sshc->readdir_line = new_readdir_line;
  1385. sshc->readdir_currLen += msnprintf(sshc->readdir_line +
  1386. sshc->readdir_currLen,
  1387. sshc->readdir_totalLen -
  1388. sshc->readdir_currLen,
  1389. " -> %s",
  1390. sshc->readdir_filename);
  1391. sftp_attributes_free(sshc->readdir_link_attrs);
  1392. sshc->readdir_link_attrs = NULL;
  1393. sshc->readdir_filename = NULL;
  1394. sshc->readdir_longentry = NULL;
  1395. state(data, SSH_SFTP_READDIR_BOTTOM);
  1396. /* FALLTHROUGH */
  1397. case SSH_SFTP_READDIR_BOTTOM:
  1398. sshc->readdir_currLen += msnprintf(sshc->readdir_line +
  1399. sshc->readdir_currLen,
  1400. sshc->readdir_totalLen -
  1401. sshc->readdir_currLen, "\n");
  1402. result = Curl_client_write(data, CLIENTWRITE_BODY,
  1403. sshc->readdir_line,
  1404. sshc->readdir_currLen);
  1405. if(!result) {
  1406. /* output debug output if that is requested */
  1407. Curl_debug(data, CURLINFO_DATA_OUT, sshc->readdir_line,
  1408. sshc->readdir_currLen);
  1409. data->req.bytecount += sshc->readdir_currLen;
  1410. }
  1411. Curl_safefree(sshc->readdir_line);
  1412. ssh_string_free_char(sshc->readdir_tmp);
  1413. sshc->readdir_tmp = NULL;
  1414. if(result) {
  1415. state(data, SSH_STOP);
  1416. }
  1417. else
  1418. state(data, SSH_SFTP_READDIR);
  1419. break;
  1420. case SSH_SFTP_READDIR_DONE:
  1421. sftp_closedir(sshc->sftp_dir);
  1422. sshc->sftp_dir = NULL;
  1423. /* no data to transfer */
  1424. Curl_setup_transfer(data, -1, -1, FALSE, -1);
  1425. state(data, SSH_STOP);
  1426. break;
  1427. case SSH_SFTP_DOWNLOAD_INIT:
  1428. /*
  1429. * Work on getting the specified file
  1430. */
  1431. if(sshc->sftp_file)
  1432. sftp_close(sshc->sftp_file);
  1433. sshc->sftp_file = sftp_open(sshc->sftp_session, protop->path,
  1434. O_RDONLY, (mode_t)data->set.new_file_perms);
  1435. if(!sshc->sftp_file) {
  1436. failf(data, "Could not open remote file for reading: %s",
  1437. ssh_get_error(sshc->ssh_session));
  1438. MOVE_TO_SFTP_CLOSE_STATE();
  1439. break;
  1440. }
  1441. state(data, SSH_SFTP_DOWNLOAD_STAT);
  1442. break;
  1443. case SSH_SFTP_DOWNLOAD_STAT:
  1444. {
  1445. sftp_attributes attrs;
  1446. curl_off_t size;
  1447. attrs = sftp_fstat(sshc->sftp_file);
  1448. if(!attrs ||
  1449. !(attrs->flags & SSH_FILEXFER_ATTR_SIZE) ||
  1450. (attrs->size == 0)) {
  1451. /*
  1452. * sftp_fstat didn't return an error, so maybe the server
  1453. * just doesn't support stat()
  1454. * OR the server doesn't return a file size with a stat()
  1455. * OR file size is 0
  1456. */
  1457. data->req.size = -1;
  1458. data->req.maxdownload = -1;
  1459. Curl_pgrsSetDownloadSize(data, -1);
  1460. size = 0;
  1461. }
  1462. else {
  1463. size = attrs->size;
  1464. sftp_attributes_free(attrs);
  1465. if(size < 0) {
  1466. failf(data, "Bad file size (%" CURL_FORMAT_CURL_OFF_T ")", size);
  1467. return CURLE_BAD_DOWNLOAD_RESUME;
  1468. }
  1469. if(data->state.use_range) {
  1470. curl_off_t from, to;
  1471. char *ptr;
  1472. char *ptr2;
  1473. CURLofft to_t;
  1474. CURLofft from_t;
  1475. from_t = curlx_strtoofft(data->state.range, &ptr, 0, &from);
  1476. if(from_t == CURL_OFFT_FLOW) {
  1477. return CURLE_RANGE_ERROR;
  1478. }
  1479. while(*ptr && (ISBLANK(*ptr) || (*ptr == '-')))
  1480. ptr++;
  1481. to_t = curlx_strtoofft(ptr, &ptr2, 0, &to);
  1482. if(to_t == CURL_OFFT_FLOW) {
  1483. return CURLE_RANGE_ERROR;
  1484. }
  1485. if((to_t == CURL_OFFT_INVAL) /* no "to" value given */
  1486. || (to >= size)) {
  1487. to = size - 1;
  1488. }
  1489. if(from_t) {
  1490. /* from is relative to end of file */
  1491. from = size - to;
  1492. to = size - 1;
  1493. }
  1494. if(from > size) {
  1495. failf(data, "Offset (%"
  1496. CURL_FORMAT_CURL_OFF_T ") was beyond file size (%"
  1497. CURL_FORMAT_CURL_OFF_T ")", from, size);
  1498. return CURLE_BAD_DOWNLOAD_RESUME;
  1499. }
  1500. if(from > to) {
  1501. from = to;
  1502. size = 0;
  1503. }
  1504. else {
  1505. size = to - from + 1;
  1506. }
  1507. rc = sftp_seek64(sshc->sftp_file, from);
  1508. if(rc) {
  1509. MOVE_TO_SFTP_CLOSE_STATE();
  1510. break;
  1511. }
  1512. }
  1513. data->req.size = size;
  1514. data->req.maxdownload = size;
  1515. Curl_pgrsSetDownloadSize(data, size);
  1516. }
  1517. /* We can resume if we can seek to the resume position */
  1518. if(data->state.resume_from) {
  1519. if(data->state.resume_from < 0) {
  1520. /* We're supposed to download the last abs(from) bytes */
  1521. if((curl_off_t)size < -data->state.resume_from) {
  1522. failf(data, "Offset (%"
  1523. CURL_FORMAT_CURL_OFF_T ") was beyond file size (%"
  1524. CURL_FORMAT_CURL_OFF_T ")",
  1525. data->state.resume_from, size);
  1526. return CURLE_BAD_DOWNLOAD_RESUME;
  1527. }
  1528. /* download from where? */
  1529. data->state.resume_from += size;
  1530. }
  1531. else {
  1532. if((curl_off_t)size < data->state.resume_from) {
  1533. failf(data, "Offset (%" CURL_FORMAT_CURL_OFF_T
  1534. ") was beyond file size (%" CURL_FORMAT_CURL_OFF_T ")",
  1535. data->state.resume_from, size);
  1536. return CURLE_BAD_DOWNLOAD_RESUME;
  1537. }
  1538. }
  1539. /* Now store the number of bytes we are expected to download */
  1540. data->req.size = size - data->state.resume_from;
  1541. data->req.maxdownload = size - data->state.resume_from;
  1542. Curl_pgrsSetDownloadSize(data,
  1543. size - data->state.resume_from);
  1544. rc = sftp_seek64(sshc->sftp_file, data->state.resume_from);
  1545. if(rc) {
  1546. MOVE_TO_SFTP_CLOSE_STATE();
  1547. break;
  1548. }
  1549. }
  1550. }
  1551. /* Setup the actual download */
  1552. if(data->req.size == 0) {
  1553. /* no data to transfer */
  1554. Curl_setup_transfer(data, -1, -1, FALSE, -1);
  1555. infof(data, "File already completely downloaded");
  1556. state(data, SSH_STOP);
  1557. break;
  1558. }
  1559. Curl_setup_transfer(data, FIRSTSOCKET, data->req.size, FALSE, -1);
  1560. /* not set by Curl_setup_transfer to preserve keepon bits */
  1561. conn->writesockfd = conn->sockfd;
  1562. /* we want to use the _receiving_ function even when the socket turns
  1563. out writableable as the underlying libssh recv function will deal
  1564. with both accordingly */
  1565. conn->cselect_bits = CURL_CSELECT_IN;
  1566. if(result) {
  1567. /* this should never occur; the close state should be entered
  1568. at the time the error occurs */
  1569. state(data, SSH_SFTP_CLOSE);
  1570. sshc->actualcode = result;
  1571. }
  1572. else {
  1573. sshc->sftp_recv_state = 0;
  1574. state(data, SSH_STOP);
  1575. }
  1576. break;
  1577. case SSH_SFTP_CLOSE:
  1578. if(sshc->sftp_file) {
  1579. sftp_close(sshc->sftp_file);
  1580. sshc->sftp_file = NULL;
  1581. }
  1582. Curl_safefree(protop->path);
  1583. DEBUGF(infof(data, "SFTP DONE done"));
  1584. /* Check if nextstate is set and move .nextstate could be POSTQUOTE_INIT
  1585. After nextstate is executed, the control should come back to
  1586. SSH_SFTP_CLOSE to pass the correct result back */
  1587. if(sshc->nextstate != SSH_NO_STATE &&
  1588. sshc->nextstate != SSH_SFTP_CLOSE) {
  1589. state(data, sshc->nextstate);
  1590. sshc->nextstate = SSH_SFTP_CLOSE;
  1591. }
  1592. else {
  1593. state(data, SSH_STOP);
  1594. result = sshc->actualcode;
  1595. }
  1596. break;
  1597. case SSH_SFTP_SHUTDOWN:
  1598. /* during times we get here due to a broken transfer and then the
  1599. sftp_handle might not have been taken down so make sure that is done
  1600. before we proceed */
  1601. if(sshc->sftp_file) {
  1602. sftp_close(sshc->sftp_file);
  1603. sshc->sftp_file = NULL;
  1604. }
  1605. if(sshc->sftp_session) {
  1606. sftp_free(sshc->sftp_session);
  1607. sshc->sftp_session = NULL;
  1608. }
  1609. SSH_STRING_FREE_CHAR(sshc->homedir);
  1610. data->state.most_recent_ftp_entrypath = NULL;
  1611. state(data, SSH_SESSION_DISCONNECT);
  1612. break;
  1613. case SSH_SCP_TRANS_INIT:
  1614. result = Curl_getworkingpath(data, sshc->homedir, &protop->path);
  1615. if(result) {
  1616. sshc->actualcode = result;
  1617. state(data, SSH_STOP);
  1618. break;
  1619. }
  1620. /* Functions from the SCP subsystem cannot handle/return SSH_AGAIN */
  1621. ssh_set_blocking(sshc->ssh_session, 1);
  1622. if(data->set.upload) {
  1623. if(data->state.infilesize < 0) {
  1624. failf(data, "SCP requires a known file size for upload");
  1625. sshc->actualcode = CURLE_UPLOAD_FAILED;
  1626. MOVE_TO_ERROR_STATE(CURLE_UPLOAD_FAILED);
  1627. break;
  1628. }
  1629. sshc->scp_session =
  1630. ssh_scp_new(sshc->ssh_session, SSH_SCP_WRITE, protop->path);
  1631. state(data, SSH_SCP_UPLOAD_INIT);
  1632. }
  1633. else {
  1634. sshc->scp_session =
  1635. ssh_scp_new(sshc->ssh_session, SSH_SCP_READ, protop->path);
  1636. state(data, SSH_SCP_DOWNLOAD_INIT);
  1637. }
  1638. if(!sshc->scp_session) {
  1639. err_msg = ssh_get_error(sshc->ssh_session);
  1640. failf(data, "%s", err_msg);
  1641. MOVE_TO_ERROR_STATE(CURLE_UPLOAD_FAILED);
  1642. }
  1643. break;
  1644. case SSH_SCP_UPLOAD_INIT:
  1645. rc = ssh_scp_init(sshc->scp_session);
  1646. if(rc != SSH_OK) {
  1647. err_msg = ssh_get_error(sshc->ssh_session);
  1648. failf(data, "%s", err_msg);
  1649. MOVE_TO_ERROR_STATE(CURLE_UPLOAD_FAILED);
  1650. break;
  1651. }
  1652. rc = ssh_scp_push_file(sshc->scp_session, protop->path,
  1653. data->state.infilesize,
  1654. (int)data->set.new_file_perms);
  1655. if(rc != SSH_OK) {
  1656. err_msg = ssh_get_error(sshc->ssh_session);
  1657. failf(data, "%s", err_msg);
  1658. MOVE_TO_ERROR_STATE(CURLE_UPLOAD_FAILED);
  1659. break;
  1660. }
  1661. /* upload data */
  1662. Curl_setup_transfer(data, -1, data->req.size, FALSE, FIRSTSOCKET);
  1663. /* not set by Curl_setup_transfer to preserve keepon bits */
  1664. conn->sockfd = conn->writesockfd;
  1665. /* store this original bitmask setup to use later on if we can't
  1666. figure out a "real" bitmask */
  1667. sshc->orig_waitfor = data->req.keepon;
  1668. /* we want to use the _sending_ function even when the socket turns
  1669. out readable as the underlying libssh scp send function will deal
  1670. with both accordingly */
  1671. conn->cselect_bits = CURL_CSELECT_OUT;
  1672. state(data, SSH_STOP);
  1673. break;
  1674. case SSH_SCP_DOWNLOAD_INIT:
  1675. rc = ssh_scp_init(sshc->scp_session);
  1676. if(rc != SSH_OK) {
  1677. err_msg = ssh_get_error(sshc->ssh_session);
  1678. failf(data, "%s", err_msg);
  1679. MOVE_TO_ERROR_STATE(CURLE_COULDNT_CONNECT);
  1680. break;
  1681. }
  1682. state(data, SSH_SCP_DOWNLOAD);
  1683. /* FALLTHROUGH */
  1684. case SSH_SCP_DOWNLOAD:{
  1685. curl_off_t bytecount;
  1686. rc = ssh_scp_pull_request(sshc->scp_session);
  1687. if(rc != SSH_SCP_REQUEST_NEWFILE) {
  1688. err_msg = ssh_get_error(sshc->ssh_session);
  1689. failf(data, "%s", err_msg);
  1690. MOVE_TO_ERROR_STATE(CURLE_REMOTE_FILE_NOT_FOUND);
  1691. break;
  1692. }
  1693. /* download data */
  1694. bytecount = ssh_scp_request_get_size(sshc->scp_session);
  1695. data->req.maxdownload = (curl_off_t) bytecount;
  1696. Curl_setup_transfer(data, FIRSTSOCKET, bytecount, FALSE, -1);
  1697. /* not set by Curl_setup_transfer to preserve keepon bits */
  1698. conn->writesockfd = conn->sockfd;
  1699. /* we want to use the _receiving_ function even when the socket turns
  1700. out writableable as the underlying libssh recv function will deal
  1701. with both accordingly */
  1702. conn->cselect_bits = CURL_CSELECT_IN;
  1703. state(data, SSH_STOP);
  1704. break;
  1705. }
  1706. case SSH_SCP_DONE:
  1707. if(data->set.upload)
  1708. state(data, SSH_SCP_SEND_EOF);
  1709. else
  1710. state(data, SSH_SCP_CHANNEL_FREE);
  1711. break;
  1712. case SSH_SCP_SEND_EOF:
  1713. if(sshc->scp_session) {
  1714. rc = ssh_scp_close(sshc->scp_session);
  1715. if(rc == SSH_AGAIN) {
  1716. /* Currently the ssh_scp_close handles waiting for EOF in
  1717. * blocking way.
  1718. */
  1719. break;
  1720. }
  1721. if(rc != SSH_OK) {
  1722. infof(data, "Failed to close libssh scp channel: %s",
  1723. ssh_get_error(sshc->ssh_session));
  1724. }
  1725. }
  1726. state(data, SSH_SCP_CHANNEL_FREE);
  1727. break;
  1728. case SSH_SCP_CHANNEL_FREE:
  1729. if(sshc->scp_session) {
  1730. ssh_scp_free(sshc->scp_session);
  1731. sshc->scp_session = NULL;
  1732. }
  1733. DEBUGF(infof(data, "SCP DONE phase complete"));
  1734. ssh_set_blocking(sshc->ssh_session, 0);
  1735. state(data, SSH_SESSION_DISCONNECT);
  1736. /* FALLTHROUGH */
  1737. case SSH_SESSION_DISCONNECT:
  1738. /* during weird times when we've been prematurely aborted, the channel
  1739. is still alive when we reach this state and we MUST kill the channel
  1740. properly first */
  1741. if(sshc->scp_session) {
  1742. ssh_scp_free(sshc->scp_session);
  1743. sshc->scp_session = NULL;
  1744. }
  1745. ssh_disconnect(sshc->ssh_session);
  1746. if(!ssh_version(SSH_VERSION_INT(0, 10, 0))) {
  1747. /* conn->sock[FIRSTSOCKET] is closed by ssh_disconnect behind our back,
  1748. explicitly mark it as closed with the memdebug macro. This libssh
  1749. bug is fixed in 0.10.0. */
  1750. fake_sclose(conn->sock[FIRSTSOCKET]);
  1751. conn->sock[FIRSTSOCKET] = CURL_SOCKET_BAD;
  1752. }
  1753. SSH_STRING_FREE_CHAR(sshc->homedir);
  1754. data->state.most_recent_ftp_entrypath = NULL;
  1755. state(data, SSH_SESSION_FREE);
  1756. /* FALLTHROUGH */
  1757. case SSH_SESSION_FREE:
  1758. if(sshc->ssh_session) {
  1759. ssh_free(sshc->ssh_session);
  1760. sshc->ssh_session = NULL;
  1761. }
  1762. /* worst-case scenario cleanup */
  1763. DEBUGASSERT(sshc->ssh_session == NULL);
  1764. DEBUGASSERT(sshc->scp_session == NULL);
  1765. if(sshc->readdir_tmp) {
  1766. ssh_string_free_char(sshc->readdir_tmp);
  1767. sshc->readdir_tmp = NULL;
  1768. }
  1769. if(sshc->quote_attrs)
  1770. sftp_attributes_free(sshc->quote_attrs);
  1771. if(sshc->readdir_attrs)
  1772. sftp_attributes_free(sshc->readdir_attrs);
  1773. if(sshc->readdir_link_attrs)
  1774. sftp_attributes_free(sshc->readdir_link_attrs);
  1775. if(sshc->privkey)
  1776. ssh_key_free(sshc->privkey);
  1777. if(sshc->pubkey)
  1778. ssh_key_free(sshc->pubkey);
  1779. Curl_safefree(sshc->rsa_pub);
  1780. Curl_safefree(sshc->rsa);
  1781. Curl_safefree(sshc->quote_path1);
  1782. Curl_safefree(sshc->quote_path2);
  1783. Curl_safefree(sshc->readdir_line);
  1784. Curl_safefree(sshc->readdir_linkPath);
  1785. SSH_STRING_FREE_CHAR(sshc->homedir);
  1786. /* the code we are about to return */
  1787. result = sshc->actualcode;
  1788. memset(sshc, 0, sizeof(struct ssh_conn));
  1789. connclose(conn, "SSH session free");
  1790. sshc->state = SSH_SESSION_FREE; /* current */
  1791. sshc->nextstate = SSH_NO_STATE;
  1792. state(data, SSH_STOP);
  1793. break;
  1794. case SSH_QUIT:
  1795. /* fallthrough, just stop! */
  1796. default:
  1797. /* internal error */
  1798. sshc->nextstate = SSH_NO_STATE;
  1799. state(data, SSH_STOP);
  1800. break;
  1801. }
  1802. } while(!rc && (sshc->state != SSH_STOP));
  1803. if(rc == SSH_AGAIN) {
  1804. /* we would block, we need to wait for the socket to be ready (in the
  1805. right direction too)! */
  1806. *block = TRUE;
  1807. }
  1808. return result;
  1809. }
  /*
   * Tell the multi interface which socket to wait on, and for which events,
   * while in the DO_DONE, PERFORM and WAITPERFORM states.
   *
   * data - unused
   * conn - connection whose waitfor mask selects the events
   * sock - output array; slot 0 receives the primary socket
   *
   * Returns a GETSOCK_* bitmap for FIRSTSOCKET.
   */
  static int myssh_getsock(struct Curl_easy *data,
                           struct connectdata *conn,
                           curl_socket_t *sock)
  {
    int events = GETSOCK_BLANK;
    (void)data;

    sock[0] = conn->sock[FIRSTSOCKET];

    if(conn->waitfor & KEEP_RECV)
      events |= GETSOCK_READSOCK(FIRSTSOCKET);

    /* an empty waitfor mask is treated like KEEP_SEND: wait for writability */
    if(!conn->waitfor || (conn->waitfor & KEEP_SEND))
      events |= GETSOCK_WRITESOCK(FIRSTSOCKET);

    return events;
  }
  /*
   * Update conn->waitfor after a state machine or transfer step.
   *
   * The mask is first reset to the saved sshc->orig_waitfor. When 'block' is
   * set, libssh's poll flags replace it: a pending read selects KEEP_RECV,
   * otherwise a pending write selects KEEP_SEND. If libssh reports neither,
   * the saved mask stays in place.
   */
  static void myssh_block2waitfor(struct connectdata *conn, bool block)
  {
    struct ssh_conn *sshc = &conn->proto.sshc;
    int pending;

    conn->waitfor = sshc->orig_waitfor;
    if(!block)
      return;

    /* translate the libssh define bits into our own bit defines; read is
       checked first, so it wins when both directions are flagged */
    pending = ssh_get_poll_flags(sshc->ssh_session);
    if(pending & SSH_READ_PENDING)
      conn->waitfor = KEEP_RECV;
    else if(pending & SSH_WRITE_PENDING)
      conn->waitfor = KEEP_SEND;
  }
  /*
   * Run one non-blocking pass of the SSH state machine. Called repeatedly
   * from multi.c until *done is TRUE.
   *
   * data - the transfer
   * done - set to TRUE once the state machine has reached SSH_STOP
   *
   * Returns the CURLcode produced by myssh_statemach_act().
   */
  static CURLcode myssh_multi_statemach(struct Curl_easy *data,
                                        bool *done)
  {
    struct connectdata *conn = data->conn;
    struct ssh_conn *sshc = &conn->proto.sshc;
    bool would_block; /* status kept so that myssh_getsock() can later report
                         the right direction to wait for */
    CURLcode rv;

    rv = myssh_statemach_act(data, &would_block);

    if(sshc->state == SSH_STOP)
      *done = TRUE;
    else
      *done = FALSE;

    myssh_block2waitfor(conn, would_block);
    return rv;
  }
  /*
   * Drive the SSH state machine in a blocking loop until it reaches SSH_STOP
   * or a step fails.
   *
   * data       - the transfer
   * disconnect - TRUE when called while tearing the connection down; the
   *              progress callback, speed check and timeout check are then
   *              skipped
   *
   * Returns the first non-zero CURLcode from the state machine or the speed
   * check, CURLE_ABORTED_BY_CALLBACK if the progress update asks to abort,
   * CURLE_OPERATION_TIMEDOUT when no time is left, else CURLE_OK.
   *
   * NOTE(review): with disconnect == TRUE nothing here bounds the total time
   * spent; each blocked pass waits up to one second and the loop only ends
   * when the state machine stops or fails. A peer that stalls during
   * teardown could hold this call for as long as the state machine keeps
   * reporting "would block" - confirm that is bounded elsewhere.
   */
  static CURLcode myssh_block_statemach(struct Curl_easy *data,
                                        bool disconnect)
  {
    struct connectdata *conn = data->conn;
    struct ssh_conn *sshc = &conn->proto.sshc;

    while(sshc->state != SSH_STOP) {
      /* NOTE(review): 'block' is written only by myssh_statemach_act(); the
         visible end of that function sets it to TRUE on SSH_AGAIN - confirm
         it is also cleared on entry */
      bool block;
      timediff_t left = 1000;
      struct curltime now = Curl_now();
      CURLcode result = myssh_statemach_act(data, &block);

      if(result)
        return result;

      if(!disconnect) {
        if(Curl_pgrsUpdate(data))
          return CURLE_ABORTED_BY_CALLBACK;

        result = Curl_speedcheck(data, now);
        if(result)
          return result;

        left = Curl_timeleft(data, NULL, FALSE);
        if(left < 0) {
          failf(data, "Operation timed out");
          return CURLE_OPERATION_TIMEDOUT;
        }
      }

      if(block) {
        /* wait for the socket to become ready, at most one second at a
           time; only readability is waited for and the outcome of the wait
           is deliberately ignored */
        curl_socket_t fd_read = conn->sock[FIRSTSOCKET];
        timediff_t wait_ms = (left > 1000) ? 1000 : left;
        (void) Curl_socket_check(fd_read, CURL_SOCKET_BAD,
                                 CURL_SOCKET_BAD, wait_ms);
      }
    }

    return CURLE_OK;
  }
  /*
   * SSH setup connection
   *
   * Allocates the zero-initialised per-transfer SSH data and stores it in
   * data->req.p.ssh. The pointer is overwritten unconditionally, so a caller
   * must not invoke this while an earlier allocation is still attached.
   *
   * Returns CURLE_OUT_OF_MEMORY when the allocation fails (data->req.p.ssh is
   * then NULL), otherwise CURLE_OK.
   */
  static CURLcode myssh_setup_connection(struct Curl_easy *data,
                                         struct connectdata *conn)
  {
    struct SSHPROTO *proto = calloc(1, sizeof(*proto));
    (void)conn;

    data->req.p.ssh = proto;
    return proto ? CURLE_OK : CURLE_OUT_OF_MEMORY;
  }
  1904. static Curl_recv scp_recv, sftp_recv;
  1905. static Curl_send scp_send, sftp_send;
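  /*
   * myssh_connect() does the protocol-specific work at connect time for both
   * SCP and SFTP. (The earlier comment on this function called it
   * Curl_ssh_connect() and named Curl_protocol_connect() as its caller.)
   *
   * It makes sure the per-transfer SSH data exists, installs the send/recv
   * callbacks for the protocol in use, creates the libssh session, hands it
   * the connection's socket and the configured options, and then starts the
   * state machine at SSH_INIT.
   *
   * Returns CURLE_OUT_OF_MEMORY if the per-transfer data cannot be allocated,
   * CURLE_FAILED_INIT if the session cannot be created or libssh rejects an
   * option, otherwise the result of the first state machine pass. *done is
   * written only when the state machine is reached.
   *
   * On a failure after ssh_new() the session stays in conn->proto.sshc; the
   * disconnect handlers in this file run the teardown states whenever
   * ssh_session is non-NULL.
   *
   * The server's host key is not verified in this function; that happens in
   * the state machine once the connection is up.
   */
  static CURLcode myssh_connect(struct Curl_easy *data, bool *done)
  {
    struct ssh_conn *ssh;
    CURLcode result;
    struct connectdata *conn = data->conn;
    curl_socket_t sock = conn->sock[FIRSTSOCKET];
    int rc;

    /* initialize per-handle data if not already; stop on allocation failure
       rather than continuing with data->req.p.ssh left NULL */
    if(!data->req.p.ssh) {
      result = myssh_setup_connection(data, conn);
      if(result)
        return result;
    }

    /* We default to persistent connections. We set this already in this
       connect function to make the re-use checks properly be able to check
       this bit. */
    connkeep(conn, "SSH default");

    if(conn->handler->protocol & CURLPROTO_SCP) {
      conn->recv[FIRSTSOCKET] = scp_recv;
      conn->send[FIRSTSOCKET] = scp_send;
    }
    else {
      conn->recv[FIRSTSOCKET] = sftp_recv;
      conn->send[FIRSTSOCKET] = sftp_send;
    }

    ssh = &conn->proto.sshc;

    ssh->ssh_session = ssh_new();
    if(!ssh->ssh_session) {
      failf(data, "Failure initialising ssh session");
      return CURLE_FAILED_INIT;
    }

    rc = ssh_options_set(ssh->ssh_session, SSH_OPTIONS_HOST, conn->host.name);
    if(rc != SSH_OK) {
      failf(data, "Could not set remote host");
      return CURLE_FAILED_INIT;
    }

    /* NULL selects libssh's default configuration files. A parse failure is
       only logged. NOTE(review): settings from those files become part of
       this session; the options set explicitly below are applied after the
       parse - confirm that gives them precedence in the libssh version in
       use. */
    rc = ssh_options_parse_config(ssh->ssh_session, NULL);
    if(rc != SSH_OK) {
      infof(data, "Could not parse SSH configuration files");
      /* ignore */
    }

    rc = ssh_options_set(ssh->ssh_session, SSH_OPTIONS_FD, &sock);
    if(rc != SSH_OK) {
      failf(data, "Could not set socket");
      return CURLE_FAILED_INIT;
    }

    if(conn->user && conn->user[0] != '\0') {
      infof(data, "User: %s", conn->user);
      rc = ssh_options_set(ssh->ssh_session, SSH_OPTIONS_USER, conn->user);
      if(rc != SSH_OK) {
        failf(data, "Could not set user");
        return CURLE_FAILED_INIT;
      }
    }

    /* an application-supplied known hosts file replaces libssh's default
       location for the later host key check */
    if(data->set.str[STRING_SSH_KNOWNHOSTS]) {
      infof(data, "Known hosts: %s", data->set.str[STRING_SSH_KNOWNHOSTS]);
      rc = ssh_options_set(ssh->ssh_session, SSH_OPTIONS_KNOWNHOSTS,
                           data->set.str[STRING_SSH_KNOWNHOSTS]);
      if(rc != SSH_OK) {
        failf(data, "Could not set known hosts file path");
        return CURLE_FAILED_INIT;
      }
    }

    if(conn->remote_port) {
      rc = ssh_options_set(ssh->ssh_session, SSH_OPTIONS_PORT,
                           &conn->remote_port);
      if(rc != SSH_OK) {
        failf(data, "Could not set remote port");
        return CURLE_FAILED_INIT;
      }
    }

    if(data->set.ssh_compression) {
      rc = ssh_options_set(ssh->ssh_session, SSH_OPTIONS_COMPRESSION,
                           "zlib,zlib@openssh.com,none");
      if(rc != SSH_OK) {
        failf(data, "Could not set compression");
        return CURLE_FAILED_INIT;
      }
    }

    ssh->privkey = NULL;
    ssh->pubkey = NULL;

    if(data->set.str[STRING_SSH_PUBLIC_KEY]) {
      rc = ssh_pki_import_pubkey_file(data->set.str[STRING_SSH_PUBLIC_KEY],
                                      &ssh->pubkey);
      if(rc != SSH_OK) {
        failf(data, "Could not load public key file");
        return CURLE_FAILED_INIT;
      }
    }

    /* we do not verify here, we do it at the state machine,
     * after connection */

    state(data, SSH_INIT);

    result = myssh_multi_statemach(data, done);

    return result;
  }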
  /*
   * Called from multi.c while DOing: runs one more pass of the state machine
   * for an SCP transfer.
   *
   * dophase_done - set to TRUE once the state machine has stopped
   *
   * Returns the state machine's CURLcode.
   */
  static CURLcode scp_doing(struct Curl_easy *data, bool *dophase_done)
  {
    CURLcode rv = myssh_multi_statemach(data, dophase_done);

    if(*dophase_done) {
      DEBUGF(infof(data, "DO phase is complete"));
    }
    return rv;
  }
  /*
   ***********************************************************************
   *
   * scp_perform()
   *
   * The DO function for SCP. It enters the state machine at
   * SSH_SCP_TRANS_INIT, which starts the transfer according to the options
   * set up earlier.
   *
   * connected    - receives the tcpconnect bit of the primary socket
   * dophase_done - FALSE on entry to the state machine, TRUE once it stopped
   *
   * Returns the CURLcode of the first state machine pass.
   */
  static
  CURLcode scp_perform(struct Curl_easy *data,
                       bool *connected, bool *dophase_done)
  {
    struct connectdata *conn = data->conn;
    CURLcode rv;

    DEBUGF(infof(data, "DO phase starts"));

    *dophase_done = FALSE; /* not done yet */

    /* start the first command in the DO phase */
    state(data, SSH_SCP_TRANS_INIT);

    rv = myssh_multi_statemach(data, dophase_done);

    *connected = conn->bits.tcpconnect[FIRSTSOCKET];

    if(*dophase_done) {
      DEBUGF(infof(data, "DO phase is complete"));
    }

    return rv;
  }
  /*
   * Common DO entry point for SCP and SFTP. Resets the per-request size,
   * the stored error code, the create-directory retry flag and the progress
   * counters, then hands over to scp_perform() or sftp_perform() depending
   * on the protocol of the connection's handler.
   *
   * done - FALSE on entry to the perform function, which updates it
   *
   * Returns the CURLcode of the chosen perform function.
   */
  static CURLcode myssh_do_it(struct Curl_easy *data, bool *done)
  {
    struct connectdata *conn = data->conn;
    struct ssh_conn *sshc = &conn->proto.sshc;
    bool connected = FALSE;

    *done = FALSE; /* default to false */

    data->req.size = -1; /* make sure this is unknown at this point */

    sshc->actualcode = CURLE_OK; /* reset error code */
    sshc->secondCreateDirs = 0;  /* reset the create dir attempt state
                                    variable */

    Curl_pgrsSetUploadCounter(data, 0);
    Curl_pgrsSetDownloadCounter(data, 0);
    Curl_pgrsSetUploadSize(data, -1);
    Curl_pgrsSetDownloadSize(data, -1);

    if(conn->handler->protocol & CURLPROTO_SCP)
      return scp_perform(data, &connected, done);

    return sftp_perform(data, &connected, done);
  }
  /*
   * Disconnect handler for SCP.
   *
   * BLOCKING. The work is done by the state machine; it is still run in
   * blocking mode only because the multi interface code has no support for
   * disconnect operations that take a while.
   *
   * dead_connection - unused
   *
   * Returns CURLE_OK when there is no session left to tear down, otherwise
   * the result of running the state machine from SSH_SESSION_DISCONNECT.
   */
  static CURLcode scp_disconnect(struct Curl_easy *data,
                                 struct connectdata *conn,
                                 bool dead_connection)
  {
    struct ssh_conn *ssh = &conn->proto.sshc;
    (void) dead_connection;

    /* only if there's a session still around to use! */
    if(!ssh->ssh_session)
      return CURLE_OK;

    state(data, SSH_SESSION_DISCONNECT);
    return myssh_block_statemach(data, TRUE);
  }
  /*
   * Generic done function for both SCP and SFTP, called from their specific
   * done functions.
   *
   * status - result of the transfer so far; when it is zero the state
   *          machine is run (blocking) to completion, otherwise it is passed
   *          through as the return value
   *
   * The stored path of the transfer is freed in either case. If the final
   * progress update asks to abort, CURLE_ABORTED_BY_CALLBACK is returned in
   * place of the earlier result and the keepon bits are left untouched.
   */
  static CURLcode myssh_done(struct Curl_easy *data, CURLcode status)
  {
    struct SSHPROTO *protop = data->req.p.ssh;
    CURLcode rv = status;

    if(!rv) {
      /* run the state-machine */
      rv = myssh_block_statemach(data, FALSE);
    }

    if(protop)
      Curl_safefree(protop->path);

    if(Curl_pgrsDone(data))
      return CURLE_ABORTED_BY_CALLBACK;

    data->req.keepon = 0; /* clear all bits */
    return rv;
  }
  /*
   * Done handler for SCP. A successful transfer moves the state machine to
   * SSH_SCP_DONE before the generic done function runs it; a failed one goes
   * straight to the generic done function with its status.
   *
   * premature - unused
   */
  static CURLcode scp_done(struct Curl_easy *data, CURLcode status,
                           bool premature)
  {
    (void) premature; /* not used */

    if(status)
      return myssh_done(data, status);

    state(data, SSH_SCP_DONE);
    return myssh_done(data, status);
  }
  /*
   * Send callback for SCP: passes the whole buffer to ssh_scp_write().
   *
   * sockindex - unused; SCP is only supported on the fixed primary socket
   * mem, len  - data to send
   * err       - set to CURLE_SSH on failure
   *
   * Returns len when libssh reports SSH_OK (the write is all-or-nothing from
   * this function's point of view), -1 otherwise.
   */
  static ssize_t scp_send(struct Curl_easy *data, int sockindex,
                          const void *mem, size_t len, CURLcode *err)
  {
    struct ssh_conn *sshc = &data->conn->proto.sshc;
    int rc;
    (void) sockindex; /* we only support SCP on the fixed known primary
                         socket */

    rc = ssh_scp_write(sshc->scp_session, mem, len);

  #if 0
    /* Disabled. Kept as wishful thinking that libssh at some point will
     * implement non-blocking ssh_scp_write/read. As the live check below
     * shows, rc is currently only compared against SSH_OK. */
    myssh_block2waitfor(conn, (rc == SSH_AGAIN) ? TRUE : FALSE);
    if(rc == SSH_AGAIN) {
      *err = CURLE_AGAIN;
      return 0;
    }
    else
  #endif
    if(rc != SSH_OK) {
      *err = CURLE_SSH;
      return -1;
    }

    return (ssize_t)len;
  }
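  /*
   * Receive callback for SCP: reads up to len bytes with ssh_scp_read().
   *
   * sockindex - unused; SCP is only supported on the fixed primary socket
   * mem, len  - destination buffer and its size
   * err       - set to CURLE_RECV_ERROR when libssh reports a failure
   *
   * Returns the number of bytes read, or -1 on error. The error path now
   * writes *err, in line with sftp_recv() in this file, so the caller never
   * has to rely on whatever value *err held before the call.
   */
  static ssize_t scp_recv(struct Curl_easy *data, int sockindex,
                          char *mem, size_t len, CURLcode *err)
  {
    ssize_t nread;
    struct connectdata *conn = data->conn;
    (void) sockindex; /* we only support SCP on the fixed known primary
                         socket */

    /* libssh returns int */
    nread = ssh_scp_read(conn->proto.sshc.scp_session, mem, len);

  #if 0
    /* Disabled. Kept as wishful thinking that libssh at some point will
     * implement non-blocking ssh_scp_write/read. Currently the call above
     * yields either a byte count or an error. */
    myssh_block2waitfor(conn, (nread == SSH_AGAIN) ? TRUE : FALSE);
    if(nread == SSH_AGAIN) {
      *err = CURLE_AGAIN;
      nread = -1;
    }
  #endif

    if(nread < 0) {
      /* any negative libssh result is reported as one receive error */
      *err = CURLE_RECV_ERROR;
      return -1;
    }

    return nread;
  }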
  2147. /*
  2148. * =============== SFTP ===============
  2149. */
  /*
   ***********************************************************************
   *
   * sftp_perform()
   *
   * The DO function for SFTP. It enters the state machine at
   * SSH_SFTP_QUOTE_INIT, from where the file or directory operation proceeds
   * according to the options set up earlier.
   *
   * connected    - receives the tcpconnect bit of the primary socket
   * dophase_done - FALSE on entry to the state machine, TRUE once it stopped
   *
   * Returns the CURLcode of the first state machine pass.
   */
  static
  CURLcode sftp_perform(struct Curl_easy *data,
                        bool *connected,
                        bool *dophase_done)
  {
    struct connectdata *conn = data->conn;
    CURLcode rv;

    DEBUGF(infof(data, "DO phase starts"));

    *dophase_done = FALSE; /* not done yet */

    /* start the first command in the DO phase */
    state(data, SSH_SFTP_QUOTE_INIT);

    /* run the state-machine */
    rv = myssh_multi_statemach(data, dophase_done);

    *connected = conn->bits.tcpconnect[FIRSTSOCKET];

    if(*dophase_done) {
      DEBUGF(infof(data, "DO phase is complete"));
    }

    return rv;
  }
  /*
   * Called from multi.c while DOing: runs one more pass of the state machine
   * for an SFTP transfer.
   *
   * dophase_done - set to TRUE once the state machine has stopped
   *
   * Returns the state machine's CURLcode.
   */
  static CURLcode sftp_doing(struct Curl_easy *data,
                             bool *dophase_done)
  {
    CURLcode rv;

    rv = myssh_multi_statemach(data, dophase_done);
    if(*dophase_done) {
      DEBUGF(infof(data, "DO phase is complete"));
    }
    return rv;
  }
  /*
   * Disconnect handler for SFTP.
   *
   * BLOCKING. The work is done by the state machine; it is still run in
   * blocking mode only because the multi interface code has no support for
   * disconnect operations that take a while.
   *
   * dead_connection - unused
   *
   * Returns CURLE_OK when there is no session left to tear down, otherwise
   * the result of running the state machine from SSH_SFTP_SHUTDOWN.
   */
  static CURLcode sftp_disconnect(struct Curl_easy *data,
                                  struct connectdata *conn,
                                  bool dead_connection)
  {
    struct ssh_conn *sshc = &conn->proto.sshc;
    CURLcode rv = CURLE_OK;
    (void) dead_connection;

    DEBUGF(infof(data, "SSH DISCONNECT starts now"));

    /* only if there's a session still around to use! */
    if(sshc->ssh_session) {
      state(data, SSH_SFTP_SHUTDOWN);
      rv = myssh_block_statemach(data, TRUE);
    }

    DEBUGF(infof(data, "SSH DISCONNECT is done"));

    return rv;
  }
  /*
   * Done handler for SFTP. A successful transfer moves the state machine to
   * SSH_SFTP_CLOSE before the generic done function runs it; a failed one
   * goes straight to the generic done function with its status.
   *
   * premature - TRUE suppresses the post-quote commands
   */
  static CURLcode sftp_done(struct Curl_easy *data, CURLcode status,
                            bool premature)
  {
    struct connectdata *conn = data->conn;
    struct ssh_conn *sshc = &conn->proto.sshc;

    if(status)
      return myssh_done(data, status);

    /* Post quote commands are executed after the SFTP_CLOSE state to avoid
       errors that could happen due to open file handles during POSTQUOTE
       operation. They are queued only for a transfer that is neither
       premature nor about to be retried. */
    if(!premature && data->set.postquote && !conn->bits.retry)
      sshc->nextstate = SSH_SFTP_POSTQUOTE_INIT;

    state(data, SSH_SFTP_CLOSE);
    return myssh_done(data, status);
  }
  /*
   * Send callback for SFTP: writes the buffer to the open SFTP file handle.
   *
   * sockindex - unused
   * mem, len  - data to write
   * err       - set to CURLE_SSH on failure
   *
   * Returns the number of bytes sft_write reported as sent, or -1 on error.
   * The waitfor mask is reset to its saved value after every write.
   */
  static ssize_t sftp_send(struct Curl_easy *data, int sockindex,
                           const void *mem, size_t len, CURLcode *err)
  {
    struct connectdata *conn = data->conn;
    ssize_t nwrite;
    (void)sockindex;

    nwrite = sftp_write(conn->proto.sshc.sftp_file, mem, len);

    myssh_block2waitfor(conn, FALSE);

  #if 0 /* not returned by libssh on write */
    if(nwrite == SSH_AGAIN) {
      *err = CURLE_AGAIN;
      nwrite = 0;
    }
    else
  #endif
    if(nwrite < 0) {
      *err = CURLE_SSH;
      return -1;
    }

    return nwrite;
  }
  /*
   * Receive callback for SFTP, built on libssh's asynchronous read calls.
   *
   * sftp_recv_state 0 starts a new read request and remembers its id;
   * state 1 polls that request. A poll that would block returns -1 with
   * *err = CURLE_AGAIN and leaves the state at 1, so the next call resumes
   * the same request instead of starting another one.
   *
   * Return number of received (decrypted) bytes
   * or <0 on error (with *err = CURLE_RECV_ERROR, except for an unexpected
   * state value, where *err is left untouched).
   *
   * len is narrowed to 32 bits for libssh. The size limit is enforced only
   * by a debug assertion, so the caller is trusted to stay below
   * CURL_MAX_READ_SIZE.
   *
   * NOTE(review): after a hard read error the state also stays at 1 -
   * presumably the transfer is aborted at that point; confirm that no
   * further call on the same handle can resume the failed request.
   */
  static ssize_t sftp_recv(struct Curl_easy *data, int sockindex,
                           char *mem, size_t len, CURLcode *err)
  {
    struct connectdata *conn = data->conn;
    struct ssh_conn *sshc = &conn->proto.sshc;
    ssize_t nread;
    (void)sockindex;

    DEBUGASSERT(len < CURL_MAX_READ_SIZE);

    if(sshc->sftp_recv_state != 0 && sshc->sftp_recv_state != 1) {
      /* we never reach here */
      return -1;
    }

    if(sshc->sftp_recv_state == 0) {
      /* no request in flight: issue one */
      sshc->sftp_file_index =
        sftp_async_read_begin(sshc->sftp_file, (uint32_t)len);
      if(sshc->sftp_file_index < 0) {
        *err = CURLE_RECV_ERROR;
        return -1;
      }
    }

    /* a request is in flight from here on */
    sshc->sftp_recv_state = 1;

    nread = sftp_async_read(sshc->sftp_file, mem, (uint32_t)len,
                            sshc->sftp_file_index);

    myssh_block2waitfor(conn, (nread == SSH_AGAIN)?TRUE:FALSE);

    if(nread == SSH_AGAIN) {
      *err = CURLE_AGAIN;
      return -1;
    }
    if(nread < 0) {
      *err = CURLE_RECV_ERROR;
      return -1;
    }

    /* request completed; the next call starts a fresh one */
    sshc->sftp_recv_state = 0;
    return nread;
  }
  /*
   * Interpret the current quote item as one of the supported "FTP-like" SFTP
   * commands and move the state machine to the state that carries it out.
   *
   * SFTP is a binary protocol, so no text command is sent to the server.
   * The command names used by OpenSSH's sftp program are recognised here and
   * mapped to states that call the matching libssh functions.
   *
   * The command text and its path arguments are taken as given from the
   * quote list; only the syntax is checked here (a command word, a space,
   * one or two path arguments).
   *
   * On any error the function reports it with failf() where applicable,
   * stores the code in sshc->actualcode, clears nextstate and switches to
   * SSH_SFTP_CLOSE.
   */
  static void sftp_quote(struct Curl_easy *data)
  {
    struct connectdata *conn = data->conn;
    struct SSHPROTO *protop = data->req.p.ssh;
    struct ssh_conn *sshc = &conn->proto.sshc;
    const char *args;
    CURLcode result;

    /*
     * Support some of the "FTP" commands
     */
    char *cmd = sshc->quote_item->data;

    /* if a command starts with an asterisk, which a legal SFTP command never
       can, the command will be allowed to fail without it causing any
       aborts or cancels etc. It will cause libcurl to act as if the command
       is successful, whatever the server responds. */
    sshc->acceptfail = (cmd[0] == '*') ? TRUE : FALSE;
    if(sshc->acceptfail)
      cmd++;

    if(strcasecompare("pwd", cmd)) {
      /* NOTE(review): the path is placed between the double quotes as is; a
         path containing '"' or a line break would make this pseudo-header
         ambiguous for whoever parses it in the header callback */
      char *reply = aprintf("257 \"%s\" is current directory.\n",
                            protop->path);
      size_t reply_len;

      if(!reply) {
        sshc->actualcode = CURLE_OUT_OF_MEMORY;
        state(data, SSH_SFTP_CLOSE);
        sshc->nextstate = SSH_NO_STATE;
        return;
      }
      reply_len = strlen(reply);

      /* output debug output if that is requested */
      Curl_debug(data, CURLINFO_HEADER_OUT, (char *) "PWD\n", 4);
      Curl_debug(data, CURLINFO_HEADER_IN, reply, reply_len);

      /* this sends an FTP-like "header" to the header callback so that the
         current directory can be read very similar to how it is read when
         using ordinary FTP. */
      result = Curl_client_write(data, CLIENTWRITE_HEADER, reply, reply_len);
      free(reply);
      if(result)
        goto fail;

      state(data, SSH_SFTP_NEXT_QUOTE);
      return;
    }

    /*
     * the arguments following the command must be separated from the
     * command with a space so we can check for it unconditionally
     */
    args = strchr(cmd, ' ');
    if(!args) {
      failf(data, "Syntax error in SFTP command. Supply parameter(s)");
      result = CURLE_QUOTE_ERROR;
      goto fail;
    }

    /*
     * also, every command takes at least one argument so we get that
     * first argument right now
     */
    result = Curl_get_pathname(&args, &sshc->quote_path1, sshc->homedir);
    if(result) {
      if(result == CURLE_OUT_OF_MEMORY)
        failf(data, "Out of memory");
      else
        failf(data, "Syntax error: Bad first parameter");
      goto fail;
    }

    /* attribute change: quote_path1 holds the value to set, the second
       argument is the destination */
    if(strncasecompare(cmd, "chgrp ", 6) ||
       strncasecompare(cmd, "chmod ", 6) ||
       strncasecompare(cmd, "chown ", 6) ||
       strncasecompare(cmd, "atime ", 6) ||
       strncasecompare(cmd, "mtime ", 6)) {
      result = Curl_get_pathname(&args, &sshc->quote_path2, sshc->homedir);
      if(result) {
        if(result == CURLE_OUT_OF_MEMORY)
          failf(data, "Out of memory");
        else
          failf(data, "Syntax error in chgrp/chmod/chown/atime/mtime: "
                "Bad second parameter");
        goto fail_drop_path1;
      }
      /* NOTE(review): the pointer is cleared without being freed here;
         confirm that attributes from an earlier quote command have already
         been released when this point is reached */
      sshc->quote_attrs = NULL;
      state(data, SSH_SFTP_QUOTE_STAT);
      return;
    }

    /* symbolic linking: quote_path1 is the source, the second argument is
       the destination */
    if(strncasecompare(cmd, "ln ", 3) ||
       strncasecompare(cmd, "symlink ", 8)) {
      result = Curl_get_pathname(&args, &sshc->quote_path2, sshc->homedir);
      if(result) {
        if(result == CURLE_OUT_OF_MEMORY)
          failf(data, "Out of memory");
        else
          failf(data, "Syntax error in ln/symlink: Bad second parameter");
        goto fail_drop_path1;
      }
      state(data, SSH_SFTP_QUOTE_SYMLINK);
      return;
    }

    if(strncasecompare(cmd, "mkdir ", 6)) {
      /* create dir */
      state(data, SSH_SFTP_QUOTE_MKDIR);
      return;
    }

    /* rename file: first param is the source path, second param is the
       dest. path */
    if(strncasecompare(cmd, "rename ", 7)) {
      result = Curl_get_pathname(&args, &sshc->quote_path2, sshc->homedir);
      if(result) {
        if(result == CURLE_OUT_OF_MEMORY)
          failf(data, "Out of memory");
        else
          failf(data, "Syntax error in rename: Bad second parameter");
        goto fail_drop_path1;
      }
      state(data, SSH_SFTP_QUOTE_RENAME);
      return;
    }

    if(strncasecompare(cmd, "rmdir ", 6)) {
      /* delete dir */
      state(data, SSH_SFTP_QUOTE_RMDIR);
      return;
    }

    if(strncasecompare(cmd, "rm ", 3)) {
      state(data, SSH_SFTP_QUOTE_UNLINK);
      return;
    }

  #ifdef HAS_STATVFS_SUPPORT
    if(strncasecompare(cmd, "statvfs ", 8)) {
      state(data, SSH_SFTP_QUOTE_STATVFS);
      return;
    }
  #endif

    /* nothing matched: release both parsed paths and fail the quote */
    failf(data, "Unknown SFTP command");
    Curl_safefree(sshc->quote_path2);
    result = CURLE_QUOTE_ERROR;

  fail_drop_path1:
    Curl_safefree(sshc->quote_path1);

  fail:
    state(data, SSH_SFTP_CLOSE);
    sshc->nextstate = SSH_NO_STATE;
    sshc->actualcode = result;
  }
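  /*
   * sftp_quote_stat() handles the quote commands that change file attributes:
   * chgrp, chmod, chown, atime and mtime. It reads the current attributes of
   * sshc->quote_path2 with sftp_stat(), replaces the one field named by the
   * command with the value parsed from sshc->quote_path1, and switches to
   * SSH_SFTP_QUOTE_SETSTAT so the modified structure is written back.
   *
   * On failure both quote paths are freed, the state machine goes to
   * SSH_SFTP_CLOSE and sshc->actualcode is set to CURLE_QUOTE_ERROR.
   *
   * The numeric argument becomes the owner, group or mode of a remote file.
   * It is therefore accepted only when the whole token is a plain number that
   * fits the target field: it must start with a digit (no sign), have no
   * trailing characters, and be at most 32 bits for uid/gid or 07777 for
   * permissions. Checking only the first character would let "755x" or an
   * over-long id through and apply a value the caller did not write.
   */
  static void sftp_quote_stat(struct Curl_easy *data)
  {
    struct connectdata *conn = data->conn;
    struct ssh_conn *sshc = &conn->proto.sshc;
    char *cmd = sshc->quote_item->data;
    char *end = NULL;
    unsigned long num;
    bool badnum;

    sshc->acceptfail = FALSE;

    /* if a command starts with an asterisk, which a legal SFTP command never
       can, the command will be allowed to fail without it causing any
       aborts or cancels etc. It will cause libcurl to act as if the command
       is successful, whatever the server responds. */
    if(cmd[0] == '*') {
      cmd++;
      sshc->acceptfail = TRUE;
    }

    /* Read the current attributes into sshc->quote_attrs, dropping any
       structure left over from an earlier command first. */
    if(sshc->quote_attrs)
      sftp_attributes_free(sshc->quote_attrs);
    sshc->quote_attrs = sftp_stat(sshc->sftp_session, sshc->quote_path2);
    if(!sshc->quote_attrs) {
      failf(data, "Attempt to get SFTP stats failed: %d",
            sftp_get_error(sshc->sftp_session));
      goto quote_error;
    }

    /* Now set the new attributes... */
    if(strncasecompare(cmd, "chgrp", 5)) {
      num = strtoul(sshc->quote_path1, &end, 10);
      /* the round-trip cast detects values that do not fit in 32 bits */
      badnum = !ISDIGIT(sshc->quote_path1[0]) || *end ||
               ((uint32_t)num != num);
      if(badnum && !sshc->acceptfail) {
        failf(data, "Syntax error: chgrp gid not a number");
        goto quote_error;
      }
      /* NOTE(review): with the '*' prefix a malformed gid is not rejected,
         and whatever strtoul() produced (0 for non-numeric text) is still
         sent to the server. Confirm that this is what "allowed to fail" is
         meant to cover. */
      sshc->quote_attrs->gid = (uint32_t)num;
      sshc->quote_attrs->flags |= SSH_FILEXFER_ATTR_UIDGID;
    }
    else if(strncasecompare(cmd, "chmod", 5)) {
      /* permissions are octal */
      num = strtoul(sshc->quote_path1, &end, 8);
      badnum = !ISDIGIT(sshc->quote_path1[0]) || *end || (num > 07777);
      if(badnum) {
        failf(data, "Syntax error: chmod permissions not a number");
        goto quote_error;
      }
      sshc->quote_attrs->permissions = (mode_t)num;
      sshc->quote_attrs->flags |= SSH_FILEXFER_ATTR_PERMISSIONS;
    }
    else if(strncasecompare(cmd, "chown", 5)) {
      num = strtoul(sshc->quote_path1, &end, 10);
      badnum = !ISDIGIT(sshc->quote_path1[0]) || *end ||
               ((uint32_t)num != num);
      if(badnum && !sshc->acceptfail) {
        failf(data, "Syntax error: chown uid not a number");
        goto quote_error;
      }
      /* NOTE(review): same '*' prefix caveat as for chgrp above, here the
         fallback value 0 is the uid. */
      sshc->quote_attrs->uid = (uint32_t)num;
      sshc->quote_attrs->flags |= SSH_FILEXFER_ATTR_UIDGID;
    }
    else if(strncasecompare(cmd, "atime", 5) ||
            strncasecompare(cmd, "mtime", 5)) {
      time_t date = Curl_getdate_capped(sshc->quote_path1);
      if(date == -1) {
        failf(data, "incorrect date format for %.*s", 5, cmd);
        goto quote_error;
      }
  #if SIZEOF_TIME_T > 4
      if(date > 0xffffffff) {
        /* avoid setting a capped time */
        failf(data, "date overflow");
        goto quote_error;
      }
  #endif
      /* the attribute fields are 32 bit, hence the range check above */
      if(strncasecompare(cmd, "atime", 5))
        sshc->quote_attrs->atime = (uint32_t)date;
      else /* mtime */
        sshc->quote_attrs->mtime = (uint32_t)date;
      sshc->quote_attrs->flags |= SSH_FILEXFER_ATTR_ACMODTIME;
    }

    /* Now send the completed structure... */
    state(data, SSH_SFTP_QUOTE_SETSTAT);
    return;

  quote_error:
    /* single exit for every failure above: release both arguments and stop
       the quote sequence with CURLE_QUOTE_ERROR */
    Curl_safefree(sshc->quote_path1);
    Curl_safefree(sshc->quote_path2);
    state(data, SSH_SFTP_CLOSE);
    sshc->nextstate = SSH_NO_STATE;
    sshc->actualcode = CURLE_QUOTE_ERROR;
  }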
  /*
   * Curl_ssh_init() initializes the SSH library through ssh_init().
   *
   * Returns CURLE_OK when ssh_init() returns zero, CURLE_FAILED_INIT
   * otherwise. The error text is emitted through DEBUGF() only.
   */
  CURLcode Curl_ssh_init(void)
  {
    if(!ssh_init())
      return CURLE_OK;

    DEBUGF(fprintf(stderr, "Error: libssh_init failed\n"));
    return CURLE_FAILED_INIT;
  }
  /*
   * Curl_ssh_cleanup() shuts the SSH library down through ssh_finalize().
   * The return value of ssh_finalize() is deliberately ignored, so a failure
   * there is not reported to the caller.
   */
  void Curl_ssh_cleanup(void)
  {
    (void)ssh_finalize();
  }
  /*
   * Curl_ssh_version() writes "libssh/" followed by the string returned by
   * ssh_version(0) into 'buffer'. The write goes through msnprintf() with
   * 'buflen' as the size limit, and its return value is ignored.
   */
  void Curl_ssh_version(char *buffer, size_t buflen)
  {
    const char *ver = ssh_version(0);

    (void)msnprintf(buffer, buflen, "libssh/%s", ver);
  }
  2578. #endif /* USE_LIBSSH */